[olug] TightVNC settings from the outside

Eric Pierce eric_olug at yahoo.com
Sat Jun 26 01:36:46 UTC 2004


Hmm... I cannot ssh coming from the outside either, but I can within the LAN
(ssh is duly running).  Something's up.  

I've tried both of these (not my real IP by the way):
vncviewer 68.43.116.20:1
vncviewer 68.43.116.20::5901

I ran a sftp server in the past on a few occasions and had a friend from
England log on from time to time.  The only thing that has changed is I've
upgraded to SuSE 9.1.  I have had forwarding turned off for the last several
months, but I don't think the router settings are wrong now.

Virtual server settings on router (for ssh):
Private IP: 192.168.0.101
Protocal:   TCP 22/22
"Enabled"

Firewall settings on router:
Source: *,*
Destination: LAN,192.168.0.101
Protocal:    TCP,22
"Allow"

Is Cox preventing users from using these ports perhaps?

Or maybe David is right and I need to come from the "real" outside... but I
swear I've successfully ssh'ed in before via my outside ip address and had it
forwarded to the machine with sshd running.

If anyone is bored, 
my Jabber ID: eric555 
Jabber server: jabber.org

Hmm...(x2)
Eric 

--- Jay Swackhamer <Jay at RebootTheUser.com> wrote:
> >From the outside you are better off tunneling via ssh if possible,
> 
> It should work via vncviewer if you have port 5901 forwarded through the
> router and the remote machine is listening on display :1
> router-> forward port 5901 to machine 1 port 5901
> remote-> vncviewer 68.43.116.20:1
> 
> Are other port forwards working correctly? i.e. ssh/etc.........
> 
> (for those new to vnc)
> the ports coincide in pairs with the display,i.e display :1=5801/5901,
> display :2=5802/5902 (windows machine=5800/5900)
> For an open connection, you would use the 58xx/59xx port associated with
> the display, so if you wanted to connect directly to machine1 on display
> :1
> if you want to connect via a web browser then you would forward both 5801
> & 5901/5802 & 5902 etc.....
> 
> #to tunnel to a third machine via a machine with internet accessible ssh
> ssh -g -l root -L 5801:MACHINE1:5801 -L 5901:MACHINE1:5901 68.43.116.20
> #then connect to the localport
> vncviewer -encodings tight copyrect localhost:1
> 
> or use this tunnel script
> i.e.
> ./tunnel host.domain.com root vnc remotedestination
> 
> #!/bin/bash
> 
> HOST=$1
> USER=$2
> SERVICE=$3
> ARG1=$4
> ARG2=$5
> 
> if [ $# -lt 1 ]; then
>     echo "usage:  tunnel HOST USER SERVICE ARG1 ARG2}"
>     exit 1
> fi
> 
> 
> if [ "${SERVICE}" = "vnc" ]; then
>         ssh -g -l ${USER} \
>         -L 5800:${ARG1}:5800 \
>         -L 5900:${ARG1}:5900 \
>         -L 5801:${ARG1}:5801 \
>         -L 5901:${ARG1}:5901 \
>         ${HOST}
> fi
> 
> if [ "${SERVICE}" = "rdp" ]; then
>         ssh -g -l ${USER} \
>         -L 3389:${ARG1}:3389 \
>         ${HOST}
> fi
> 
> 
> 
> > I've been able to get TightVNC set-up and working between two Linux
> > machines
> > within my LAN.  But I can't figure out how to access the server from the
> > outside.
> >
> > I'm running 'vncserver' to start the server, I get 'New 'X' desktop is
> > edp:1'.
> >
> >
> > I have 3 machines running through a router, so I've set the router so
> > 'virtual
> > server' is pointing to the server's local IP address via private/public
> > port
> > 5900 (i've tried 5800 too).  The firewall is also open to accept requests
> > on
> > 5900 and send them to the server's local IP address.
> >
> > 'netstat -at' on the server machine tells me I'm listening on 5801, 5901
> > and
> > 6001.  I tried changing all the router settings above to port 5901 just to
> > see,
> > but I still cannot log on as a client.
> >
> > Here's the lines I"ve tried as a client:
> > vncviewer 68.43.116.20::5900
> > vncviewer 68.43.116.20:1
> >
> > I still get connection refused.
> >
> > Anyone see any blaring omissions?
> >
> > Thanks for reading...
> > Eric Pierce
> >
> >
> >
> >
> >
> > __________________________________
> > Do you Yahoo!?
> > New and Improved Yahoo! Mail - Send 10MB messages!
> > http://promotions.yahoo.com/new_mail
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > http://lists.olug.org/mailman/listinfo/olug
> >
> 
> 
> -- 
> Jay Swackhamer
> Reboot The User
> 15791 West Dodge Road
> Suite 135
> Omaha, NE 68118
> (402) 933-6449
> (402) 933-6456 Fax
> http://www.RebootTheUser.com
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
> 



		
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail


More information about the OLUG mailing list