Torben,
I'm at work so haven't got time to think through your setup too much but, off the top of my head, could you not tunnel your VNC traffic over SSH using an ssh parameter like "-L 5900:127.0.0.1:5900"? This would increase the security of the connection and would hopefully work through the firewall without an issue.
I use this setup to remotely administer my family's PC ...
Peter.
On 11 March 2010 16:10, Torben Stones torben@stonesweb.org.uk wrote:
I'm having an interesting but very annoying problem.
I have set up xtightvncserver (client) on one machine in listen mode, and then use x11vnc (server) on another machine. I connect the server to the viewer using the -connect argument. This works fine, as I can see the servers desktop on the client box as expected.
Now I change my routers firewall rules to forward port 5500 to the client, and then try to connect the server to the client, again using the -connect argument, but this time using my external ip-address. This is where it gets odd. The vnc viewer on the client never seems to get a connection from the server. But if I look at the routers logs I can see that a message was received and matched against the correct firewall rule.
I have used ngrep to find out if anything was appearing on port 5500 on the client, and I can see that there is indeed something coming in on port 5500. In ngrep it just appears as
user@localhost:~$ sudo ngrep -d wlan1 port 5500 interface: wlan1 (192.168.0.0/255.255.255.0) filter: (ip or ip6) and ( port 5500 ) ### T 192.168.0.2:45401 -> 192.168.0.6:5500 [R] ...... ### T 192.168.0.2:45401 -> 192.168.0.6:5500 [R] ......
All this means to me is that something is appearing on port 5500, but as it isn't connecting then I can only assume that the wrong stuff is coming in. When I just use the internal address then I can see alot more on port 5500 for example the name of the display.
Can anyone help me with the next step as I don't know what to do next.
Thanks Torben
-- You've got a lot of choices in your life. If getting out of bed in the morning is a chore and you're not smiling on a regular basis, try another choice.
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!