LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-11-2006, 01:01 PM   #1
anthonysaulnier
Member
 
Registered: Sep 2005
Posts: 109

Rep: Reputation: 15
VNC and IPForwarding


I have a linux router/firewall and I am trying to set up VNC so that clients with computer problems can connect to my Windows computer.

I have the following firewall setup:

iptables -F
echo 1 > /proc/sys/net/ipv4/ip_forward
chkconfig --level 345 iptables on
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -P INPUT DROP
iptables -A INPUT -i ! eth0 -j ACCEPT

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A INPUT -p TCP -i eth0 --dport 80 -j ACCEPT
# Port redirect
# VNC Listens for tech support

iptables -t nat -A PREROUTING -p tcp -i eth1 -d 70.24.184.120 --dport 5900 -j DNAT --to 10.0.0.2:5900
iptables -t nat -A PREROUTING -p tcp -i eth1 -d 70.24.184.120 --dport 5901 -j DNAT --to 10.0.0.2:5901

service iptables save


Clients are complaining that they cannot connect to my computer using the "Add New Client" option when they put in my external IP address.

I would try connecting to them, but most of them are behind routers and dont have a clue how to find the IP address of the router.


If anybody could help, it would be appreciated.
 
Old 06-11-2006, 01:48 PM   #2
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Which is your external nic eth0 or eth1?

If eth0 then it should be like this to portforward to internal machine.
iptables -t nat -A PREROUTING -i eth0 -p tcp -d 70.24.184.120 --dport 5900 -j DNAT --to-destination 10.0.0.2:5900

Also before this you need the 5900 port open on the eth0 just like you did for port 80 to your webserver on the router it looks like.
IPTABLES -A ALLOW_PORTS -m state --state NEW -p tcp -i eth0 --dport 5900 -j ACCEPT
or
iptables -A INPUT -p TCP -i eth0 --dport 5900 -j ACCEPT
Either should work.

See if that helps.
Brian1

Last edited by Brian1; 06-11-2006 at 02:10 PM.
 
Old 06-11-2006, 01:54 PM   #3
anthonysaulnier
Member
 
Registered: Sep 2005
Posts: 109

Original Poster
Rep: Reputation: 15
Hi Brian, my external nic is eth1. I noticed that you indicated port 2500. I wonder what that port is for.

Yeah I realize now what I forgot open port 5900. You are right, I need to open that as I did for port 80.

I will have to give it a try.


Anthony
 
Old 06-11-2006, 01:56 PM   #4
anthonysaulnier
Member
 
Registered: Sep 2005
Posts: 109

Original Poster
Rep: Reputation: 15
sorry, meant eth0 is my external nic
 
Old 06-11-2006, 02:11 PM   #5
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
My fault, I sometimes think faster than I type or is ti the other way around. Fixed the post anyways.

Brian1
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
a good ipforwarding guide Zaius Linux - Newbie 1 01-11-2004 06:40 PM
ipforwarding ??? adavila Linux - Networking 1 10-22-2003 08:59 PM
Dual NIC's ipforwarding? TheRealDeal Linux - Networking 2 09-26-2003 01:10 AM
masquerading and ipforwarding (ipchains) magguz Linux - Newbie 1 09-24-2003 01:25 PM
setting up ipforwarding anwar_lpk Linux - Networking 2 05-09-2003 12:05 AM


All times are GMT -5. The time now is 08:09 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration