Removed RDP in favor of VNC / Made WireGuard Tunnel Persistent

Docs/agent-runtime.md

@@ -15,7 +15,7 @@ Describe the Borealis agent runtime, its roles, service modes, and how it commun
 - `role_DeviceAudit.py` (ROLE_NAME: `device_audit`) - inventory and audit data capture.
 - `role_Macro.py` (ROLE_NAME: `macro`) - macro automation.
 - `role_PlaybookExec_SYSTEM.py` (ROLE_NAME: `playbook_exec_system`) - Ansible playbook runner (unfinished).
-- `role_RDP.py` (ROLE_NAME: `RDP`) - RDP readiness hooks.
+- `role_VNC.py` (ROLE_NAME: `VNC`) - on-demand UltraVNC server lifecycle.
 - `role_RemotePowershell.py` (ROLE_NAME: `RemotePowershell`) - TCP PowerShell server over WireGuard.
 - `role_Screenshot.py` (ROLE_NAME: `screenshot`) - screenshot capture.
 - `role_ScriptExec_CURRENTUSER.py` (ROLE_NAME: `script_exec_currentuser`) - interactive PowerShell execution.
@@ -34,6 +34,7 @@ Describe the Borealis agent runtime, its roles, service modes, and how it commun
 - `POST /api/agent/heartbeat` (Device Authenticated) - heartbeat + metrics.
 - `POST /api/agent/details` (Device Authenticated) - hardware/inventory payloads.
 - `POST /api/agent/script/request` (Device Authenticated) - request work or receive idle signal.
+- `POST /api/agent/vpn/ensure` (Device Authenticated) - persistent WireGuard tunnel bootstrap.
 
 ## Related Documentation
 - [Security and Trust](security-and-trust.md)
@@ -66,8 +67,10 @@ Describe the Borealis agent runtime, its roles, service modes, and how it commun
 - `AgentHttpClient.ensure_authenticated()` handles enrollment and refresh.
 - Socket.IO is used for:
   - `quick_job_run` dispatch (script execution payloads).
-  - `vpn_tunnel_start` and `vpn_tunnel_stop` (WireGuard lifecycle).
+  - `vpn_tunnel_start` (WireGuard lifecycle; tunnels are persistent and ignore stop events).
   - `connect_agent` registration (agent socket registry).
+- WireGuard tunnels are ensured via `POST /api/agent/vpn/ensure` on boot and refreshed periodically.
+- The ensure loop re-establishes the tunnel automatically after network hiccups.
 
 ### Token storage
 - Refresh tokens are stored encrypted (DPAPI on Windows) in `refresh.token`.
@@ -89,7 +92,8 @@ Describe the Borealis agent runtime, its roles, service modes, and how it commun
   - Confirm `quick_job_run` events and the correct role context.
   - Verify signatures with `signature_utils` logs.
 - If VPN fails:
-  - Check agent WireGuard role logs and ensure the Engine emitted `vpn_tunnel_start`.
+  - Check agent WireGuard role logs and confirm `/api/agent/vpn/ensure` succeeds.
+  - Ensure the Engine has an active tunnel session and the WireGuard service is running.
 
 ### Borealis Agent Codex (Full)
 Use this section for agent-only work (Borealis agent runtime under `Data/Agent` -> `/Agent`). Shared guidance is consolidated in `ui-and-notifications.md` and the Engine runtime notes.

Docs/api-reference.md

@@ -32,6 +32,7 @@ Provide a consolidated, human-readable list of Borealis Engine API endpoints gro
 - `POST /api/agent/heartbeat` (Device Authenticated) - heartbeat + metrics.
 - `POST /api/agent/details` (Device Authenticated) - full hardware/inventory payload.
 - `POST /api/agent/script/request` (Device Authenticated) - request work or idle signal.
+- `POST /api/agent/vpn/ensure` (Device Authenticated) - persistent WireGuard tunnel bootstrap.
 - `GET /api/agents` (Token Authenticated) - list online collectors by hostname/context.
 - `GET /api/devices` (Token Authenticated) - device summary list.
 - `GET /api/devices/<guid>` (Token Authenticated) - device summary by GUID.
@@ -102,14 +103,18 @@ Provide a consolidated, human-readable list of Borealis Engine API endpoints gro
 - `POST /api/notifications/notify` (Token Authenticated) - broadcast toast notification.
 
 ### VPN and Remote Access
-- `POST /api/tunnel/connect` (Token Authenticated) - start WireGuard tunnel.
+- `POST /api/tunnel/connect` (Token Authenticated) - ensure WireGuard tunnel material for an agent.
 - `GET /api/tunnel/status` (Token Authenticated) - tunnel status by agent.
-- `GET /api/tunnel/connect/status` (Token Authenticated) - alias for status.
 - `GET /api/tunnel/active` (Token Authenticated) - list active tunnels.
-- `DELETE /api/tunnel/disconnect` (Token Authenticated) - stop tunnel.
 
-### RDP
-- `POST /api/rdp/session` (Token Authenticated) - issue Guacamole RDP session token.
+### VNC
+- `POST /api/vnc/establish` (Token Authenticated) - establish VNC session token.
+- `POST /api/vnc/disconnect` (Token Authenticated) - disconnect VNC session.
+- `POST /api/vnc/session` (Token Authenticated) - legacy alias for establish.
+
+### Remote Shell
+- `POST /api/shell/establish` (Token Authenticated) - establish remote shell session.
+- `POST /api/shell/disconnect` (Token Authenticated) - disconnect remote shell session.
 
 ### Server Info and Logs
 - `GET /api/server/time` (Operator Session) - server clock.

Docs/architecture-overview.md

@@ -10,16 +10,16 @@ Explain how Borealis is structured and how the core components interact end to e
 - Agent: Python runtime that enrolls, reports inventory, executes scripts, and opens VPN tunnels.
 - SQLite database: stores devices, approvals, schedules, activity history, tokens, and configuration records.
 - Assemblies: script definitions stored in SQLite domains with payload artifacts on disk.
-- Remote access: WireGuard reverse VPN, remote PowerShell, and Guacamole-backed RDP proxy.
+- Remote access: WireGuard reverse VPN, remote PowerShell, and VNC via noVNC.
 
 ## How the Pieces Talk
 - Enrollment: agent calls `/api/agent/enroll/request` and `/api/agent/enroll/poll`, operator approves, Engine issues tokens and cert bundle.
 - Inventory: agent posts `/api/agent/heartbeat` and `/api/agent/details`, Engine updates device records.
 - Quick jobs: operator calls `/api/scripts/quick_run`, Engine emits `quick_job_run` over Socket.IO, agent executes and returns `quick_job_result`.
 - Scheduled jobs: scheduler reads jobs from DB, resolves targets (including filters), then emits quick jobs.
-- VPN tunnels: operator calls `/api/tunnel/connect`, Engine emits `vpn_tunnel_start`, agent starts WireGuard client.
+- VPN tunnels: agent calls `/api/agent/vpn/ensure`, Engine emits `vpn_tunnel_start`, agent keeps WireGuard client online.
 - Remote shell: UI uses Socket.IO `vpn_shell_*` events, Engine bridges to agent TCP shell over WireGuard.
-- RDP: operator calls `/api/rdp/session`, Engine creates a one-time token and proxies Guacamole WebSocket to guacd.
+- VNC: operator calls `/api/vnc/establish`, Engine creates a one-time token and proxies noVNC WebSocket to the agent VNC server.
 - Notifications: operator or services call `/api/notifications/notify`, WebUI receives `borealis_notification` events.
 
 ## Directory Map (High Level)
@@ -50,7 +50,7 @@ None on this page. See [API Reference](api-reference.md).
 - Engine realtime: `Data/Engine/services/WebSocket/` (Socket.IO events: quick jobs, VPN shell, agent socket registry).
 - WebUI hosting: `Data/Engine/services/WebUI/` (SPA static assets and 404 fallback).
 - VPN orchestration: `Data/Engine/services/VPN/` (WireGuard server and tunnel lifecycle).
-- Remote desktop proxy: `Data/Engine/services/RemoteDesktop/` (Guacamole WebSocket proxy).
+- Remote desktop proxy: `Data/Engine/services/RemoteDesktop/` (VNC WebSocket proxy).
 - Filters and targeting: `Data/Engine/services/filters/matcher.py` (used by scheduled jobs and filter counts).
 - Agent roles: `Data/Agent/Roles/` (script exec, screenshot, WireGuard tunnel, remote PowerShell, etc).
 
@@ -61,11 +61,10 @@ None on this page. See [API Reference](api-reference.md).
   3) Agent role executes and posts `quick_job_result` over Socket.IO.
   4) Engine updates `activity_history` and emits `device_activity_changed`.
 - VPN shell:
-  1) UI calls `/api/tunnel/connect` to request tunnel material.
-  2) Engine emits `vpn_tunnel_start` to agent socket.
-  3) Agent WireGuard role starts tunnel; agent shell role listens on TCP 47002.
-  4) UI opens `vpn_shell_open` Socket.IO event; Engine bridges to TCP shell.
-  5) UI sends/receives `vpn_shell_send` and `vpn_shell_output` events.
+  1) UI calls `/api/shell/establish` to ensure shell readiness.
+  2) Agent WireGuard role keeps the tunnel online; agent shell role listens on TCP 47002.
+  3) UI opens `vpn_shell_open` Socket.IO event; Engine bridges to TCP shell.
+  4) UI sends/receives `vpn_shell_send` and `vpn_shell_output` events.
 
 ### Runtime boundaries
 - Do not edit `Engine/` or `Agent/` directly. They are recreated on each launch.
@@ -79,4 +78,4 @@ None on this page. See [API Reference](api-reference.md).
 ### Interaction points to remember
 - REST for inventory, enrollment, and admin actions.
 - Socket.IO for realtime job results, VPN shell, and notifications.
-- WireGuard for remote protocol transport (shell, RDP, future protocols).
+- WireGuard for remote protocol transport (shell, VNC, future protocols).

Docs/device-management.md

@@ -73,7 +73,7 @@ Explain how Borealis tracks devices, ingests inventory, manages sites and filter
 
 ## Codex Agent (Detailed)
 ### Key files and services
-- Device APIs: `Data/Engine/services/API/devices/` (management, approval, tunnel, rdp, routes).
+- Device APIs: `Data/Engine/services/API/devices/` (management, approval, tunnel, vnc, routes).
 - Filters: `Data/Engine/services/filters/matcher.py` and `Data/Engine/services/API/filters/management.py`.
 - Enrollment approvals: `Data/Engine/services/API/devices/approval.py`.
 

Docs/engine-runtime.md

@@ -11,7 +11,7 @@ Describe the Borealis Engine runtime, its services, configuration, and operation
 - WebUI serving: `Data/Engine/services/WebUI/` (SPA static assets and 404 fallback).
 - Realtime events: `Data/Engine/services/WebSocket/` (quick job results, VPN shell bridge).
 - VPN orchestration: `Data/Engine/services/VPN/` (WireGuard server manager + tunnel service).
-- Remote desktop proxy: `Data/Engine/services/RemoteDesktop/` (Guacamole WebSocket bridge).
+- Remote desktop proxy: `Data/Engine/services/RemoteDesktop/` (VNC WebSocket bridge).
 - Assemblies: `Data/Engine/assembly_management/` and `Data/Engine/services/assemblies/`.
 
 ## Runtime Paths
@@ -41,7 +41,7 @@ Describe the Borealis Engine runtime, its services, configuration, and operation
 ### EngineContext and lifecycle
 - `Data/Engine/server.py` builds an `EngineContext` that includes:
   - TLS paths, WireGuard settings, scheduler, Socket.IO instance.
-  - RDP proxy settings (guacd host/port, ws host/port, session TTL).
+  - VNC proxy settings (VNC port, ws host/port, session TTL).
 - The app factory wires in:
   - API registration: `API.register_api(app, context)`
   - WebUI static hosting: `WebUI.register_web_ui(app, context)`
@@ -72,11 +72,12 @@ Describe the Borealis Engine runtime, its services, configuration, and operation
 - Dev UI uses Vite and still relies on Engine APIs for data.
 - The SPA fallback in `Data/Engine/services/WebUI/__init__.py` prevents 404s on client routes.
 
-### WireGuard and RDP wiring
+### WireGuard and VNC wiring
 - WireGuard server manager: `Data/Engine/services/VPN/wireguard_server.py`.
 - Tunnel orchestration: `Data/Engine/services/VPN/vpn_tunnel_service.py`.
-- RDP proxy: `Data/Engine/services/RemoteDesktop/guacamole_proxy.py`.
-- API entrypoints: `/api/tunnel/*` and `/api/rdp/session`.
+- VNC proxy: `Data/Engine/services/RemoteDesktop/vnc_proxy.py`.
+- API entrypoints: `/api/vnc/establish`, `/api/vnc/disconnect`, `/api/shell/establish`, `/api/shell/disconnect`.
+- Persistent tunnels are established by agents via `POST /api/agent/vpn/ensure` and kept online.
 
 ### Assembly runtime
 - Assembly cache is initialized in `Data/Engine/assembly_management` and attached to `context.assembly_cache`.

Docs/index.md

@@ -49,7 +49,7 @@ None. This index only links to other pages.
 - Read `getting-started.md` and `architecture-overview.md` to build the global model.
 - Use `engine-runtime.md` and `agent-runtime.md` for implementation-level details.
 - Use `ui-and-notifications.md` for MagicUI, AG Grid, and toast notification rules.
-- Use `vpn-and-remote-access.md` for WireGuard and remote shell/RDP details.
+- Use `vpn-and-remote-access.md` for WireGuard and remote shell/VNC details.
 - Use `security-and-trust.md` for enrollment, tokens, and code-signing behavior.
 
 ### Where the truth lives in code

Docs/security-and-trust.md

@@ -39,7 +39,7 @@ Explain the Borealis trust model, enrollment security, token handling, and code
 
 ### WireGuard Agent to Engine Tunnels
 - Borealis started with a bespoke reverse tunnel stack (WebSocket framing + domain lanes); its handshake and security model did not scale, so the project moved to WireGuard as the Engine <-> Agent data pipeline for secure remote protocols and future remote desktop control.
-- On-demand, outbound-only: operators trigger a tunnel start, the agent dials the Engine (no inbound listeners), and the tunnel tears down on stop or idle.
+- Persistent, outbound-only: agents ensure the tunnel at boot (no inbound listeners), and it remains online while the agent runs.
 - Shared sessions: one live VPN tunnel per agent, reused across operators to avoid redundant connections.
 - Fast and robust transport: WireGuard provides encrypted UDP transport with lightweight handshakes that keep latency low and reconnects resilient.
 - Orchestration security: the Engine issues short-lived, Ed25519-signed tunnel tokens that the agent verifies before bringing the tunnel up.
@@ -47,8 +47,8 @@ Explain the Borealis trust model, enrollment security, token handling, and code
 - Isolation by default: each agent gets a host-only /32; AllowedIPs are restricted to the agent /32 and the Engine /32; no LAN routes and no client-to-client traffic.
 - Port-level controls: per-device allowlists plus Engine-applied firewall rules limit which protocols can traverse the tunnel.
 - Live PowerShell today: a VPN-only shell endpoint enables remote command execution with SYSTEM-level (`NT AUTHORITY\\SYSTEM`) access for deep diagnostics and remediation.
-- Session lifecycle: 15-minute idle timeout with no grace period; session material includes a virtual IP plus allowed ports; teardown removes the tunnel and firewall rules.
-- Future protocols: extend the same tunnel for SSH, WinRM, RDP, VNC, WebRTC streaming, and other remote management workflows by enabling ports per device.
+- Session lifecycle: tunnels stay online with `PersistentKeepalive = 30`; session material includes a virtual IP plus allowed ports; role-level disconnects (shell/VNC) leave the tunnel intact.
+- Future protocols: extend the same tunnel for SSH, WinRM, VNC, WebRTC streaming, and other remote management workflows by enabling ports per device.
 
 ## Enrollment and Identity
 - Enrollment uses install codes and operator approval.

Docs/ui-and-notifications.md

@@ -270,7 +270,7 @@ This section captures the UI behavior requirements and troubleshooting context f
 #### Important references
 - Toast API and payload rules are documented above.
 - UI file: `Data/Engine/web-interface/src/Devices/ReverseTunnel/Powershell.jsx`.
-- API status endpoint: `/api/tunnel/status` returns `agent_socket` when available.
+- API establish endpoint: `/api/shell/establish` returns `agent_socket` when available.
 - Socket error path: `agent_socket_missing`.
 
 #### Troubleshooting context

Docs/vpn-and-remote-access.md

@@ -2,25 +2,28 @@
 [Back to Docs Index](index.md) | [Index (HTML)](index.html)
 
 ## Purpose
-Document Borealis remote access features: WireGuard reverse VPN tunnels, remote PowerShell, and RDP via Guacamole.
+Document Borealis remote access features: WireGuard reverse VPN tunnels, remote PowerShell, and VNC via noVNC.
 
 ## WireGuard Reverse VPN (High Level)
 - Outbound-only: agents initiate tunnels to the Engine; no inbound listeners on devices.
 - Transport: WireGuard UDP 30000.
-- One active tunnel per agent, shared across operators.
+- One persistent tunnel per agent, established at agent boot and shared across operators.
 - Host-only routing: each agent gets a /32; no client-to-client routes.
-- Idle timeout: 15 minutes without activity.
+- Keepalive: `PersistentKeepalive = 30` seconds on the agent.
+- No idle teardown while the agent service is running.
 - Per-device allowlist: ports are restricted per device and enforced by Engine firewall rules.
 
 ## Remote PowerShell
 - Uses the WireGuard tunnel and a TCP shell server on the agent.
+- UI establishes sessions via `/api/shell/establish` and disconnects via `/api/shell/disconnect`.
 - Engine bridges UI Socket.IO events to the agent TCP shell.
 - Shell port default: 47002 (configurable).
 
-## RDP via Guacamole
-- Engine issues one-time RDP session tokens via `/api/rdp/session`.
-- WebUI connects to `ws(s)://<engine_host>:4823/guacamole`.
-- RDP allowed only if the device allowlist includes 3389.
+## VNC via noVNC
+- Engine issues one-time VNC session tokens via `/api/vnc/establish`.
+- WebUI connects to `ws(s)://<engine_host>:4823/vnc`.
+- VNC allowed only if the device allowlist includes 5900.
+- Agent runs UltraVNC as a Windows service; Borealis opens the VNC firewall rule on demand and closes it via `/api/vnc/disconnect`.
 
 ## Reverse Proxy Configuration
 Traefik dynamic config (replace service URL with the actual Borealis Engine URL):
@@ -62,14 +65,16 @@ http:
 ```
 
 ## API Endpoints
-- `POST /api/tunnel/connect` (Token Authenticated) - start WireGuard tunnel.
+- `POST /api/tunnel/connect` (Token Authenticated) - ensure WireGuard tunnel material for an agent.
 - `GET /api/tunnel/status` (Token Authenticated) - tunnel status by agent.
-- `GET /api/tunnel/connect/status` (Token Authenticated) - alias for status.
 - `GET /api/tunnel/active` (Token Authenticated) - list active tunnels.
-- `DELETE /api/tunnel/disconnect` (Token Authenticated) - stop tunnel.
+- `POST /api/agent/vpn/ensure` (Device Authenticated) - agent-side persistent tunnel bootstrap.
 - `GET /api/device/vpn_config/<agent_id>` (Token Authenticated) - read allowed ports.
 - `PUT /api/device/vpn_config/<agent_id>` (Token Authenticated) - update allowed ports.
-- `POST /api/rdp/session` (Token Authenticated) - issue RDP session token.
+- `POST /api/vnc/establish` (Token Authenticated) - establish VNC session token.
+- `POST /api/vnc/disconnect` (Token Authenticated) - disconnect VNC session (closes firewall).
+- `POST /api/shell/establish` (Token Authenticated) - establish remote shell session.
+- `POST /api/shell/disconnect` (Token Authenticated) - disconnect remote shell session.
 
 ## Related Documentation
 - [Device Management](device-management.md)
@@ -83,12 +88,13 @@ http:
 - WireGuard server manager: `Data/Engine/services/VPN/wireguard_server.py`.
 - Tunnel API: `Data/Engine/services/API/devices/tunnel.py`.
 - Shell bridge: `Data/Engine/services/WebSocket/vpn_shell.py`.
-- RDP session API: `Data/Engine/services/API/devices/rdp.py`.
-- Guacamole proxy: `Data/Engine/services/RemoteDesktop/guacamole_proxy.py`.
+- VNC session API: `Data/Engine/services/API/devices/vnc.py`.
+- VNC proxy: `Data/Engine/services/RemoteDesktop/vnc_proxy.py`.
 
 ### Core Agent files
 - WireGuard client role: `Data/Agent/Roles/role_WireGuardTunnel.py`.
 - Remote PowerShell role: `Data/Agent/Roles/role_RemotePowershell.py`.
+- VNC role: `Data/Agent/Roles/role_VNC.py`.
 
 ### Config paths
 - Engine WireGuard config: `Engine/WireGuard/borealis-wg.conf`.
@@ -105,11 +111,11 @@ http:
   - `Borealis - WireGuard - Agent`
 
 ### Event flow (WireGuard tunnel)
-1) UI calls `/api/tunnel/connect`.
-2) Engine creates a tunnel session and emits `vpn_tunnel_start`.
-3) Agent verifies token signature and starts WireGuard client.
+1) Agent calls `/api/agent/vpn/ensure` at boot (and periodically) to establish the persistent tunnel.
+2) Engine creates or reuses the tunnel session and emits `vpn_tunnel_start`.
+3) Agent verifies the token signature and starts the WireGuard client with `PersistentKeepalive = 30`.
 4) Engine applies firewall allowlist rules for the agent /32.
-5) Activity is recorded in `activity_history` as a VPN event.
+5) UI sessions (shell/VNC) reuse the existing tunnel without teardown.
 
 ### Event flow (Remote PowerShell)
 1) UI opens a shell and emits `vpn_shell_open`.
@@ -119,13 +125,16 @@ http:
 5) Agent returns stdout frames; Engine emits `vpn_shell_output`.
 
 ### Allowed ports and ACL rules
-- Default allowlist (Windows): 3389, 5985, 5986, 5900, 3478, 47002.
+- Default allowlist (Windows): 5985, 5986, 5900, 3478, 47002.
 - Per-device overrides are stored in `device_vpn_config`.
 - Engine creates outbound firewall rules for each allowed port and protocol.
 
-### Idle timeout behavior
-- The tunnel idle timer resets when activity is detected or when `bump_activity` is called.
-- Idle sessions are torn down and firewall rules are removed.
+### Persistent tunnel behavior
+- WireGuard sessions stay online while the agent service is running.
+- There are no tunnel-disconnect endpoints; only role-level disconnects (shell/VNC) exist.
+- The tunnel and per-device firewall rules remain in place while the agent runs.
+- Keepalive is handled by WireGuard (`PersistentKeepalive = 30` seconds).
+- The agent periodically calls `/api/agent/vpn/ensure` to heal the tunnel if it drops.
 
 ### Logs to inspect
 - Engine tunnel log: `Engine/Logs/VPN_Tunnel/tunnel.log`.
@@ -135,27 +144,28 @@ http:
 
 ### Troubleshooting checklist
 - Confirm WireGuard service is running (Engine and Agent).
+- Confirm the agent successfully calls `/api/agent/vpn/ensure` after boot.
 - Confirm `/api/tunnel/status` returns `status=up` and `agent_socket=true`.
 - Verify `Agent/Borealis/Settings/WireGuard/Borealis.conf` during an active session.
 - Test TCP shell reachability: `Test-NetConnection <agent_vpn_ip> -Port 47002`.
 
 ### Known limitations
 - Legacy WebSocket tunnels are retired; only WireGuard is supported.
-- RDP requires guacd running and port 3389 allowed in VPN config.
+- VNC requires UltraVNC running on the agent and port 5900 allowed in VPN config.
 
 ### Reverse VPN Tunnels (WireGuard) - Full Reference
 #### 1) High-level model
 - Outbound-only: agents establish WireGuard tunnels to the Engine; no inbound access on devices.
 - Transport: WireGuard/UDP on port 30000.
-- Sessions: one live VPN tunnel per agent; multiple operators share it.
+- Sessions: one persistent VPN tunnel per agent; multiple operators share it.
 - Routing: host-only /32 per agent; AllowedIPs restricted to the agent /32 and engine /32; no client-to-client.
-- Idle timeout: 15 minutes of no operator activity; no grace period.
+- Keepalive: `PersistentKeepalive = 30` seconds; tunnels stay up while agents run.
 - Keys: WireGuard server keys under `Engine/Certificates/VPN_Server`; client keys under `Agent/Borealis/Certificates/VPN_Client`.
 
 #### 2) Engine components
 - Orchestrator: `Data/Engine/services/VPN/vpn_tunnel_service.py`
   - Allocates per-agent /32, issues short-lived orchestration tokens, enforces single-session.
-  - Starts/stops WireGuard listener, applies firewall rules, idles out on inactivity.
+  - Keeps the WireGuard listener online, applies firewall rules, and avoids idle teardown in persistent mode.
   - Emits Socket.IO events: `vpn_tunnel_start`, `vpn_tunnel_stop`, `vpn_tunnel_activity`.
 - WireGuard manager: `Data/Engine/services/VPN/wireguard_server.py`
   - Generates server keys, renders config, manages `wireguard.exe` tunnel service, applies ACL rules.
@@ -164,17 +174,20 @@ http:
 - Logging: `Engine/Logs/VPN_Tunnel/tunnel.log` plus Device Activity entries; shell I/O is in `Engine/Logs/VPN_Tunnel/remote_shell.log`.
 
 #### 3) API endpoints
-- `POST /api/tunnel/connect` -> issues session material (tunnel_id, token, virtual_ip, endpoint, allowed_ports, idle_seconds).
+- `POST /api/tunnel/connect` -> issues or reuses session material (tunnel_id, token, virtual_ip, endpoint, allowed_ports).
 - `GET /api/tunnel/status` -> returns up/down status for an agent.
-- `GET /api/tunnel/connect/status` -> alias for status (used by UI before shell open).
 - `GET /api/tunnel/active` -> lists active VPN tunnel sessions (tunnel_id, agent_id, virtual_ip, last_activity, etc.).
-- `DELETE /api/tunnel/disconnect` -> immediate teardown (agent and engine cleanup).
+- `POST /api/agent/vpn/ensure` -> device-authenticated tunnel bootstrap for persistent mode.
+- `POST /api/shell/establish` -> establish remote shell session.
+- `POST /api/shell/disconnect` -> disconnect remote shell session.
+- `POST /api/vnc/establish` -> establish VNC session token.
+- `POST /api/vnc/disconnect` -> disconnect VNC session (closes firewall).
 - `GET /api/device/vpn_config/<agent_id>` -> read per-agent allowed ports.
 - `PUT /api/device/vpn_config/<agent_id>` -> update allowed ports.
 
 #### 4) Agent components
 - Tunnel lifecycle: `Data/Agent/Roles/role_WireGuardTunnel.py`
-  - Validates orchestration tokens, starts/stops WireGuard client service, enforces idle.
+  - Validates orchestration tokens, starts WireGuard client service, keeps the tunnel persistent.
 - Shell server: `Data/Agent/Roles/role_RemotePowershell.py`
 - TCP PowerShell server bound to `0.0.0.0:47002`, restricted to VPN subnet (10.255.x.x).
 - Logging: `Agent/Logs/VPN_Tunnel/tunnel.log` (tunnel lifecycle) and `Agent/Logs/VPN_Tunnel/remote_shell.log` (shell I/O).
@@ -221,8 +234,8 @@ This section consolidates the troubleshooting context and environment notes for
 - Configs must live inside the project root:
   - Agent: Agent\Borealis\Settings\WireGuard\Borealis.conf
   - Engine: Engine\WireGuard\borealis-wg.conf
-- Agent brings up the WireGuard tunnel on vpn_tunnel_start, then remote shell/RDP/VNC/SSH flow through it.
-- On stop/idle, the tunnel is torn down and firewall rules removed.
+- Agent ensures the WireGuard tunnel on boot via `/api/agent/vpn/ensure`, then remote shell/VNC/SSH flow through it.
+- No idle teardown; tunnels and firewall rules stay in place while the agent is running.
 
 #### Recent changes (current repo state)
 - Data/Agent/Roles/role_WireGuardTunnel.py
@@ -231,7 +244,8 @@ This section consolidates the troubleshooting context and environment notes for
   - Endpoint override: if Engine sends localhost, use host from server_url.txt and port from the token.
   - Config path preference: Agent\Borealis\Settings\WireGuard.
   - Service display name set to "Borealis - WireGuard - Agent".
-  - Applies/removes the VPN shell firewall rule using the engine /32 from allowed_ips.
+  - Persistent tunnels with `PersistentKeepalive = 30`.
+  - Applies the VPN shell firewall rule using the engine /32 from allowed_ips.
 - Data/Engine/services/VPN/wireguard_server.py
   - Engine config path: Engine\WireGuard\borealis-wg.conf (project root only).
   - Removed invalid "SaveConfig = false" line (WireGuard rejected it).
@@ -283,5 +297,5 @@ Note: Data/Agent changes only apply after Borealis.ps1 re-stages the agent under
 #### Current blockers and next steps
 1) Ensure the agent runtime is re-staged so `role_WireGuardTunnel.py` applies the shell firewall rule on tunnel start.
 2) During an active session, run `Test-NetConnection -ComputerName 10.255.0.2 -Port 47002` on the Engine and confirm it reaches the agent.
-3) While the session is active, confirm `Agent\Borealis\Settings\WireGuard\Borealis.conf` includes a [Peer] with endpoint/AllowedIPs (it reverts to idle config after stop).
+3) Confirm `Agent\Borealis\Settings\WireGuard\Borealis.conf` includes a [Peer] with endpoint/AllowedIPs while the agent is running.
 4) Capture engine and agent tunnel/shell logs around a failed shell open attempt and re-check WireGuard service state if issues persist.