ok, here is what I've done, and it works, although its questionable if this is the most efficient.
from the windows box (remote) putty -ssh -l root -L 5900:leaf.public.ip:5905 leaf.public.ip ## where 5900 is display :0 and 5905 is diplay :5 then from the leaf box ssh -l harryk -p 24 -L 5905:192.168.3.200:5907 192.168.3.200 ## where 5905 is not the listening port on the leaf machine and forwarding to port 5900 and receiving data from 5907 I then run vncviewer to the leaf box like so (using window, but command line equiv.) vncviewer leaf.public.ip # which is technically vncviewer leaf.ip:5900->5905->intern.ip:5905->5907 this works and I guess two connections are better than one. If there is a more efficient way of doing this, I'm all ears. Thanks for the quick guidance everyone. joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles Steinkuehler Sent: Monday, January 27, 2003 7:51 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [leaf-devel] VNC, SSH, port forward Joey Officer wrote: > I quickly scanned the logs and didn't find anything that resembled what I'm > doing here, so I'll try to explain it best as possible. > > I've got my LEAF w/ SSH on port 22, an internal SSH server on port 24, and > vnc running on the internal server. I want to get to the vnc server running > on the internal ssh box but am not having luck. this is how it looks > > remote.ip-internet-leaf(ssh:22)-internal(ssh:24)-vnc > > and everything comes up like so > > internal# vncserver :7 # runs vnc on port 5907 > > windows box# putty -ssh -l user -P 24 -R 5907:remoteip:5900 remoteip > > which gives me the following error > localhost sshd[1998]: error: bind: Address already in use > localhost sshd[1998]: error: channel_setup_fwd_listener: cannot listen to > port: 5907 > > so i figure I might have the port numbers in the wrong place, so I reverse > and then I get no errors, but I cannot connect to the vnc server either. This is forwarding port 5900 on your remote system to port 5907 on your local system. Someone on the remote system could log into your local VNC server running on 5907, but you can't go the other way... > Through trial and error I tried the following > > putty -ssh -l harryk -P 24 -L 5900:remote:5907 remote > > which doesn't give me any errors, but also doesn't allow me to login. I > figure this is techincally listening for something from my LEAF box, > although there are no messages pertaining to this on the LEAF box either. This is the correct version of port-forwarding (-L instead of -R) for your application, but I think you've got the ports backwards. This will connect your local port 5900 to the remote port 5907, and I think you wanted it the other way around: putty -ssh -l harryk -P 24 -L 5907:remote:5900 remote NOTE: I'm assuming harryk resolves to the IP of your firewall, and remote resolves to the ip of your remote system. You might also try an explicit IP (of the remote system, not the firewall) or the localhost (127.0.0.1) for remote, to make sure you're not getting hung up by name resolution issues. -- Charles Steinkuehler [EMAIL PROTECTED] ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
