[olug] TightVNC settings from the outside

Jay Swackhamer Jay at RebootTheUser.com
Fri Jun 25 14:21:49 UTC 2004 

>From the outside you are better off tunneling via ssh if possible,

It should work via vncviewer if you have port 5901 forwarded through the
router and the remote machine is listening on display :1
router-> forward port 5901 to machine 1 port 5901
remote-> vncviewer 68.43.116.20:1

Are other port forwards working correctly? i.e. ssh/etc.........

(for those new to vnc)
the ports coincide in pairs with the display,i.e display :1=5801/5901,
display :2=5802/5902 (windows machine=5800/5900)
For an open connection, you would use the 58xx/59xx port associated with
the display, so if you wanted to connect directly to machine1 on display
:1
if you want to connect via a web browser then you would forward both 5801
& 5901/5802 & 5902 etc.....

#to tunnel to a third machine via a machine with internet accessible ssh
ssh -g -l root -L 5801:MACHINE1:5801 -L 5901:MACHINE1:5901 68.43.116.20
#then connect to the localport
vncviewer -encodings tight copyrect localhost:1

or use this tunnel script
i.e.
./tunnel host.domain.com root vnc remotedestination

#!/bin/bash

HOST=$1
USER=$2
SERVICE=$3
ARG1=$4
ARG2=$5

if [ $# -lt 1 ]; then
    echo "usage:  tunnel HOST USER SERVICE ARG1 ARG2}"
    exit 1
fi


if [ "${SERVICE}" = "vnc" ]; then
        ssh -g -l ${USER} \
        -L 5800:${ARG1}:5800 \
        -L 5900:${ARG1}:5900 \
        -L 5801:${ARG1}:5801 \
        -L 5901:${ARG1}:5901 \
        ${HOST}
fi

if [ "${SERVICE}" = "rdp" ]; then
        ssh -g -l ${USER} \
        -L 3389:${ARG1}:3389 \
        ${HOST}
fi



> I've been able to get TightVNC set-up and working between two Linux
> machines
> within my LAN.  But I can't figure out how to access the server from the
> outside.
>
> I'm running 'vncserver' to start the server, I get 'New 'X' desktop is
> edp:1'.
>
>
> I have 3 machines running through a router, so I've set the router so
> 'virtual
> server' is pointing to the server's local IP address via private/public
> port
> 5900 (i've tried 5800 too).  The firewall is also open to accept requests
> on
> 5900 and send them to the server's local IP address.
>
> 'netstat -at' on the server machine tells me I'm listening on 5801, 5901
> and
> 6001.  I tried changing all the router settings above to port 5901 just to
> see,
> but I still cannot log on as a client.
>
> Here's the lines I"ve tried as a client:
> vncviewer 68.43.116.20::5900
> vncviewer 68.43.116.20:1
>
> I still get connection refused.
>
> Anyone see any blaring omissions?
>
> Thanks for reading...
> Eric Pierce
>
>
>
>
>
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
> http://promotions.yahoo.com/new_mail
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>


-- 
Jay Swackhamer
Reboot The User
15791 West Dodge Road
Suite 135
Omaha, NE 68118
(402) 933-6449
(402) 933-6456 Fax
http://www.RebootTheUser.com

More information about the OLUG mailing list