I've long had a fascination with the concept of easily establishing a TCP or UDP connection easily over the internet between two systems (Linux, Windows, Mac, iOS, Android, embedded Linux, embedded C, etc.) without having to resort to port forwarding.
For example, I've come to really like VNC Connect, which is a built in service installed on Raspberry Pi devices. In an attempt to help out my less-than-techsaavy parents, I've installed Raspberry Pi's on their networks at two of their houses (snowbirds) so I can remotely assist with anything from internet issues to helping them set up surveillance cameras. Having the ability to VNC to a Raspberry Pi on any internet connected network from any other internet connected network without port forwarding, or even having to know the internet facing IP address is a god send.
I've also in the past served as an industrial controls engineer, where often after I would finish integrating a system at a site, I would install an internet hardware appliance that would allow me to establish a VPN connection to the remote control network over the internet from anywhere else in the world (e.g. https://www.ewon.biz/products/cosy). Doing so made troubleshooting with my customer's controls engineers much easier since I had access to their local network without having to configure port forwarding or know their internet facing IP address.
My questions then are: 1) is this concept something that has an actual name? I've heard of this ability referred to as a "reverse proxy" or a "no config direction connection". 2) is there an existing open source project or methodology that allows for this sort of connection that is agnostic of platform? For example, if I didn't want to pay for RealVNC's exorbitant pricing plans for more than 5 devices, could I configure some sort of setup with an AWS instance that automatically connects clients on separate networks together? (So I could have 100 Raspberry Pi's out on different local networks that could be access by me through VNC on my laptop/phone?)
You mentioned also the easiest way and that gets a little more tricky as to what easiest means to you. So in a setup that I do I use PFsense firewalls and I set up port forwarding based on the source DNS name. This allows me to use dynamic DNS to assign that name to whatever IP my management station is on wherever it may be at the current time. The firewalls then allow that IP to be forwarded to something on the other side which could be VNC or an RDP system or something I could SSH into. This is very easy and it avoids the complexity of a VPN at each endpoint that I would need to manage. There are some downsides to this and some risks. If someone was to determine there's a DNS name and hijack the DNS they can simply remap it to their own system. Of course there is a second layer because even when the ports are forwarded and allowed there is authentication that needs to be taken place as well but there is still the possibility of the exploits against whatever we're forwarding through too. So it does rely on a bit of obscurity of having to know that this innocuous dynamic DNS name allows connectivity to these also unknown endpoints. You kind of have to weigh the pros and cons of it. Is it good enough for home connectivity or management of something that has low risk information on it should it be compromised? Yes I think it's probably good enough for that. If you're talking about a corporation with highly sensitive information then it's probably not good enough for that.