Darcy Parker wrote: > > Good day all, > > I am using Leaf Bering (latest ver) and currently have my shorewall > rules to allow a TightVNC connection only from a fixed IP address at work. > > # DNAT to allow TightVNC from Work Only > # > DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5800 tcp http > DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5800 tcp 5800 > DNAT net:xxx.xxx.xxx.xxx 192.168.1.100:5900 tcp http > DNAT net.xxx.xxx.xxx.xxx 192.168.1.100:5900 tcp 5900 > > As I am going to be travelling with my laptop, I am woundering if there > is a way to configure the rules to allow a TightVNC connection from a spefic > MAC address as I will not know what my net IP address will be while I am > away. > > If not from a specific MAC address, then is there another way? > > Best Regards, > Darcy
Darcy, I would also suggest the same option Lars proposed, use ssh and portforwarding with ssh acting as the tunnel. Some of the advantages are disabling passwords and using RSAauthentication which can be configured in your sshd_config file, averting the password cracking problem. A properly configured sshd_config file is a powerful complement for your security setup. Another advantage is that you will only be using the ssh port for the connection, instead of opening the standard vnc 5800,5900 ports..and you can use the compression option as well. There's a pretty good tutorial at the realvnc site on how to go about it: http://www.uk.research.att.com/vnc/sshvnc.html Regards, -- Patrick Benson Stockholm, Sweden ------------------------------------------------------- This SF.NET email is sponsored by: eBay Great deals on office technology -- on eBay now! Click here: http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html