LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Problem with VNC on Natted Windows Client (https://www.linuxquestions.org/questions/linux-networking-3/problem-with-vnc-on-natted-windows-client-360873/)

Palula 09-06-2005 07:40 PM
Problem with VNC on Natted Windows Client
 
Hello all!

Structure:

Home LAN with Linux Firewall forwarding the internet connections and two clients - Client 1 = Win 98; Client 2 = Windows XP. My homelinux is Fedora Core 3 by the way...

I use RealVNC (Free Edition 4.1.1).

Problem: I canīt connect to one of my clients (XP) through the Internet although everything looks well configured. The message VNC returns after some time trying to connect is: Connection Timed Out.

Here is my Vnc, Client and Router/Firewall configs so that we can see if everything is tightened up and should be running.

VNC: Is waiting connections on a specific port wich I will call "vnc port".

Client: I entered the windows Firewall Exception rules and created two exception rules wich permits incoming connections to the "vnc port" (both of them. Client and HTTP). This client has an assigned IP wich I will call "client assigned IP".

Router/Firewall: The server has a Firewall rule wich permits incoming connections through "vnc port" and those incoming pakcets should be "DNAT-ted" to the "client assigned IP":"vnc port".

Code:
/sbin/iptables -A FORWARD -j ACCEPT -i $wanic -p tcp --dport "vnc port"
/sbin/iptables -t nat -A PREROUTING -i $wanic -p tcp --dport "vnc port" -j DNAT --to-destination "client assigned IP":"vnc port"
Ok thatīs it. Why isnīt it running. Maybe here someone can see something I forgot. :)

Last thing: Iīd like to know what is the right way to connect with the client or browser to VNC on a SPECIFIC PORT. I used for both: "Router/Firewall IP":"vnc port". So it would look like something like this: 200.2.233.14:12 (totally random IP/port). And beyond this, The Firewall should be redirecting the connection to the client and port specified.

cardy 09-08-2005 06:47 AM
I don't know if you have changed it on the VNC server but the default vnc port is 5900. when you connect to vnc you specify a hostname/ip address and a screen number not a port. The screen number is added to the default 5900 port number to give the real port number that is connected to.

Server ports
Code:
Screen Number        Real Port Number
      0                    5900
      1                    5901
      2                    5902
and so on.......
when you use vncviewer if you wish to connect to the screen you use as I believe you have been trying

router/machine:screen

If you wish to connect to the port you need to use

router/machine::port

(note the double colon)

Palula 09-08-2005 08:09 AM
Yep... The default VNC server port is 5900 and I changed that port to specifically the "vnc port" I want to use.
By doing that, I thouth logically that the screen I should use is: 0. Since I changed it. When I put 0 I will be connecting to the port I specified on the server setting right?
Anyway, that didnīt work, nor did the other form: Connecting to a specified port using a double semi-colon.

Still get the message: "Unable to connect to host: Connection timed out (10060)"

cardy 09-08-2005 01:17 PM
its a double colon not a semi colon.

I have tested it and it does work when using machine::port

Palula 09-09-2005 01:45 PM
Iīm sorry but I meant a doube colon. I tested the double colon and it doesnīt work. :(

Palula 09-12-2005 11:01 AM
The machine that Iīm trying to connect has Windows XP and Iīm trying to perform a remote connection ( through the internet). I read somewhere on the site that this is not possible with Windows XP. I donīt know if itīs that is really true due to the lack of english undestanding. Can anyone confirm this to me?


All times are GMT -5. The time now is 12:48 PM.