Old 11-20-2012, 05:15 PM   #1
lancelyons
VNC and Ports


We are trying to set up a way to RDP to a Redhat 6 workstation using UltraVNC from a Windows 7 box. When I try to connect from the Windows box I get a connection failure. If I stop iptables on the Redhat box, the connection will work at least one time. This tells me something on the Redhat workstation's firewall is blocking.

I tried to allow these ports on the linux side with

iptables -A INPUT -p tcp --dport 5500 -j ACCEPT
iptables -A INPUT -p tcp --dport 5800 -j ACCEPT
iptables -A INPUT -p tcp --dport 5900 -j ACCEPT

Still I am not able to connect.

I am able to telnet to the Windows box on that port but I can't telnet to the Linux box from the Windows box on that port.

telnet ipaddress 5900 doesn't connect on the Windows box.

Turning off iptables shuts down the network, so to speak, so that isn't a good option.

Any ideas?
 
Old 11-20-2012, 05:29 PM   #2
lancelyons
Here is sample of the iptables rules...

# Generated by iptables-save v1.4.7 on Tue Nov 20 15:49:52 2012
*nat
:PREROUTING ACCEPT [185:38526]
:POSTROUTING ACCEPT [1787:111150]
:OUTPUT ACCEPT [1795:111965]
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
# Completed on Tue Nov 20 15:49:52 2012
# Generated by iptables-save v1.4.7 on Tue Nov 20 15:49:52 2012
*mangle
:PREROUTING ACCEPT [16631:14079981]
:INPUT ACCEPT [16627:14079301]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [16056:2537718]
:POSTROUTING ACCEPT [16104:2547919]
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
COMMIT
# Completed on Tue Nov 20 15:49:52 2012
# Generated by iptables-save v1.4.7 on Tue Nov 20 15:49:52 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [39:2055]
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 5500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5800 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5900 -j ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Nov 20 15:49:52 2012
 
Old 11-20-2012, 06:25 PM   #3
wpeckham
Oh my...

Well for one thing there are no VNC packages that do RDP. RDP is a Microsoft protocol used by Remote Desktop and RDESKTOP and derivatives and clones. VNC is different, based on code that began its life at IBM. (Thanks guys.)

1. Did you check that VNCSERVER is running on the RH workstation?
2. Are you using VNCVIEWER from the Windows machine?
3. What behavior do you get from VNCVIEWER?
4. Have you extracts from any logs from VNCSERVER?

The telnet test from Linux to Windows tells you nothing, because that is not the connection you say you are trying to make.
The telnet test from Windows to Linux means something, but only if the VNCSERVER is running on the Linux box. (Telnet and vncviewer can only connect to a service if it happens to be running.)

Once you are sure that VNCSERVER is running, if you still get no connection try turning off the firewall and test again. If you can then connect, you need to retune your firewall rules. IF you STILL cannot connect with the firewall down, then run netstat -an and look for listeners and figure out where VNCSERVER is listening and what connections it will accept.
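
Added example, not part of the original thread: iptables walks a chain top to bottom and `-A` appends, so in the dump in post #2 the three VNC ACCEPT rules sit after the unconditional REJECT and are never reached. This sketch flags such rules in iptables-save output; the function names are hypothetical and the embedded sample is constructed from the INPUT chain of that dump.

```shell
#!/bin/sh
# Constructed sample: filter/INPUT rules copied from the iptables-save dump in post #2.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 5500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5800 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5900 -j ACCEPT
COMMIT
EOF
}

# find_shadowed (hypothetical helper): read iptables-save output on stdin and
# print every rule that follows an unconditional ACCEPT/DROP/REJECT in the
# same table and chain. User-defined chains and RETURN are not modelled.
find_shadowed() {
  awk '
    /^\*/ { table = substr($0, 2); next }   # "*filter" starts a new table
    $1 == "-A" {
      key = table "/" $2
      if (key in stop) {
        printf "%s: unreachable after \"%s\": %s\n", key, stop[key], $0
        next
      }
      # Unconditional: -j comes right after the chain name (no match options)
      # and the target ends traversal of the chain.
      if ($3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT"))
        stop[key] = $0
    }
  '
}

# Ports named in the unreachable ACCEPT rules, one per line.
shadowed_ports() {
  find_shadowed | sed -n 's/.*--dport \([0-9][0-9]*\) -j ACCEPT$/\1/p'
}

sample_rules | find_shadowed
```

Inserting the rule ahead of the REJECT (for example with `iptables -I INPUT` and a rule number) instead of appending it with `-A` avoids the shadowing.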
 
  


All times are GMT -5.