Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm having trouble getting my vnc viewer working through a firewall using ssh tunneling. Here is my setup:
Windows XP using TightVNC viewer to connect using PuTTY to remote Linux (FC5) vncserver. There is a router between the Linux box
PuTTY settings:
Host Name: <my_external_host_name>
Port : 45900 (yes, I'm using non-standard ports)
SSH - X11: Enable X11 forwarding is checked.
X display location is localhost:0
SSH - Tunnels:
Forwarded ports: L45905 <my_external_host_name>:45905
Local and Auto radioboxes are selected.
TightVNC settings:
I'm using the default settings and connecting with the following string:
localhost::45905
On the linux server this is my config for starting the vncserver:
#!/bin/sh
#
# xstartup
#
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
I also have the ssh port open on 45900 in the linux firewall and it is forwarded to the router on the same port which is open on that firewall. Of course sshd is running on 45900.
If I'm on the LAN using the local ip (ie 192... in putty host), the tunneling works fine. However as soon as I use the external static ip the connection to the box works with putty but when I try connecting through vnc viewer nothing happens. The password box doesn't appear and I can still see the vncviewer.exe process in the Windows Task Manager.
I guessing that because it works internally and not externally it must be a problem with the router. Is there another port that I must open? Note that even if I am on the LAN and I use the external address it doesn't work.
Looking at the logs on the router, I get some blocked messages, with the source <my_local_XP_box_on_LAN>:45900 to destination <external_ip>:2209. This last port (2209) keeps changing with different putty connections, ie (2209, 2226, 2228). This happens both when I log in with putty with port forwarding on or off so I'm not sure if this is just a red herring.
Any help would be very appreciated as I'm a little stuck at this point.
SSH - X11: Enable X11 forwarding is checked.
X display location is localhost:0
SSH - Tunnels:
Forwarded ports: L45905 <my_external_host_name>:45905
X11 forwarding is not necessary for what you want to do - you're not running X on your vnc viewing machine, are you?
Try using the LAN IP address of your linux server for forwarding instead of <my_external_host_name> - eg 192.168.0.2
Quote:
Originally Posted by bitpail
TightVNC settings:
I'm using the default settings and connecting with the following string:
localhost::45905
I'm starting the vncserver on port 40005
Tell me this was a typo - it should be the same port number - 45905
Quote:
Originally Posted by bitpail
I also have the ssh port open on 45900 in the linux firewall and it is forwarded to the router on the same port which is open on that firewall. Of course sshd is running on 45900.
If I'm on the LAN using the local ip (ie 192... in putty host), the tunneling works fine. However as soon as I use the external static ip the connection to the box works with putty but when I try connecting through vnc viewer nothing happens. The password box doesn't appear and I can still see the vncviewer.exe process in the Windows Task Manager.
I guessing that because it works internally and not externally it must be a problem with the router. Is there another port that I must open? Note that even if I am on the LAN and I use the external address it doesn't work.
But the vnc traffic should not be affected by the router, it is tunnelled inside the ssh traffic. The router should not see the difference between an ssh terminal and the vnc traffic, it will all be encrypted and just get passed on to the sshd server. Right?
Quote:
Originally Posted by bitpail
Looking at the logs on the router, I get some blocked messages, with the source <my_local_XP_box_on_LAN>:45900 to destination <external_ip>:2209. This last port (2209) keeps changing with different putty connections, ie (2209, 2226, 2228). This happens both when I log in with putty with port forwarding on or off so I'm not sure if this is just a red herring.
Don't know, try the other stuff first. I'm sure it's in the tunneling, not the router. That is if ssh (PuTTY) works fine.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.