I have a system sitting 2 blocks away on a network where I have no permission and authority to configure the router. Therefore I have no way of accessing the system outside, unless that remote system opens a connection to me, where my primary location has port forwarding.
Is there any way I could configure my remote machine so I could visually control it from my primary location?
The remote system is running Windows XP and my primary machine runs Linux.
Thanks in advance.

Hi there

try using NX nomachine, works between platforms and seems quicker than a lot of other software

Started using it a while ago and so far no complaints and most importantly it's at the right price - FREE

http://www.nomachine.com/

Let me know what you think

Looks like a very cool piece of software. However, can the free Windows client be used as a server? Like the client automatically connects to my Linux machine so I can control the Windows machine?
I unfortunately cannot establish connection in that direction, the remote machine has to connect to me (I do not have the access to open port 22 to establish the connection from here)

Basically a rough diagram:

Case 1:
[Local Linux machine]-[My router] ---X---> [Remote router w/o port forwarding]-[Remote Windows machine]
(No connection due to the fact that I am not reaching the remote machine)


Case 2:
[Local Linux machine]-[My router, port forwarding] <------- [Remote router]-[Remote Windows machine]
(Connection established because my Linux machine can be reached from outside)

So basically what I need is the server side on Windows to be connecting to my Linux machine in order for me to control the Windows machine. This sounds complicated, and I am afraid it is. But I still need this.

To clarify why exactly I am doing this, I need to be able to connect to my office machine from home. My office machine is the one running Windows and it is on the closed office network, with access TO outside (internet access) but not the other way around. It doesn't matter what OS I should be using at home, I have both Windows and Linux here.

Let me know if any part of this is confusing.
Thanks in advance.

According to the website it will do everything your asking.

I go from a windows machine and log on to linux machines.

I assume your home IP is dynamic and your work IP is fixed, if so you MAY need to set up a port forwarding rule on your WORK router depending on how big the network is sitting behind it and your home router should not need any extra config

Go here and see if it fits the bill http://www.nomachine.com/screenshot/server-install.php

I'm hoping not to muddy the waters here, but I was under the impression that ultravnc had tools that would enable you to establish connections without having to make adjustments to the router. Upon checking the website, it turns out that it does - check out the nat tools:

iirc, the repeater tool may also accomplish the same thing.

It's possible, therefore, that other vnc flavours offer similar tools

I'm also *relatively* certain that, on your end, if the vncviewer is started in 'listen' mode, rather than initiate a connection, it waits for the server to initiate contact. Sorry, I can't help you further than this point, but it may be something for you to investigate.

hth,

I have been finding any of the VNC family unreliable just latelty and not connecting all the time. I set up routers to port forward when more than 1 machine is using remote software

e.g port 5800 forward to PC 1

port 5900 forward to PC 2

and anything in between.

This was simple to do so have never done it any other way

I think what you want is

forward ports 5800 and 5900 to PC 1,
forward ports 5801 and 5901 to PC 2 (ports 5800 and 5900, typically)

They have different purposes -- HTTP (VNC runs a tiny website) and actual VNC transport.

I really cannot do anything to the router at work.
Looks like NAT2NAT is the stuff though. I will give it a try.

Without touching your work's router, you can still ssh from your Windows box at work to anywhere you like, e.g., to your home.
And on the back of that ssh connection, you can tunnel (= forward) any port you like. (I know your subjects says "without port forwarding", but this would work. And probably you just meant no authority to mess with work's outer firewall/router.)

Possible problems:

(A) The connection might die (e.g., due to inactivity of 2 hours or so; network problems). You could set up your Windows box to periodically re-initiate the connection. Maybe avoid connecting again if the old connection still stands.

(B) Your work box might not know how to connect to your home. JohnHulley raised the question of dynamic IP -- so please tell us your situation. There are ways to get around that, too.

/Quigi

Perhaps I am not such an advanced user... I don't know all that much about shh.
I've connected to my Linux box using PuTTY, to gain access to command line, and I heard of tunneling X11 through ssh but I have never heard of tunneling Windows VNC through ssh.
I need to be controlling the Windows machine at work from the machine at home, not the other way around. Perhaps I am clueless about the abilities of ssh. In that case I don't know what to do.
Is ssh a 2 way connection?

Indeed, the ssh port forwarding will work. I know that Putty has a gui, etc, but I'll give you the command using ssh, and you can (hopefully) figure it out for Putty. (you may also want to consider looking into installing openssh on your windows box...)

from your windows box:

the simple command: ssh -R 5900:localhost:5900 <your linux box>

the -R option tells ssh which port on your linux box will listen for a connection from localhost:5900

So, on your linux box, you would just run vncviewer :0

If port 5900 on your linux box is already being used (eg, you have vnc server already running on your linux box), then use another port:

ssh -R 5901:localhost:5900 <your linux box>

Hence, vncviewer :1

A "cleaner" way to do this would be:

ssh -N -f -R 5901:localhost:5900 <your linux box>

This forks the process to the background, so you don't need to leave the terminal open. Don't know how this would work using putty...


hth

so you can't modify the router/firewall at work, but you CAN tell ssh what port to use.. it doesn't have to use port 22 you know.. what's wrong with 80 (http) or 443 (https).. Surely those ports are allowed to egress the work network without restriction.. (although a good firewall or proxy might still catch it)

So the work PC would initiate the ssh tunnel using port 80 to your home machine.....

I tunnel vnc through ssh all the time, and to a Windows server at that.

Install cygwin on the XP box. That will give you a *nix environment to work with. As I understand your problem, you will want to run a reverse tunnel. Google for it; the setup you want is to be found on the 'net.