RE: Router/Firewall Settings for Port Forwarding Continued...
David, I may be wrong here since I have never actually set up port forwarding. But looking at the screenshot you pointed to, it looks like you may have misinterpretted the meanings of Start Port and End Port. I believe that Start Port refers to the port being accessed on the internet side of your router. End Port is probably the destination port on your internal computer. This allows you to translate the port. This would be necessary if you wanted to access the same service on multiple computers. Actually, the IP concept of service is usually rendered as one port per service. I also believe that after you have defined two entries, one for 5800 and one for 5900, you can turn your remote management back on. +---+---++-+--+---+ | | # | Service Name | Start Port | End Port | Server IP Address | +---+---++-+--+---+ | X | 1 | VNC Java DL |5800 | 5800 |192.168.1.2| +---+---++-+--+---+ | X | 2 | VNC Viewer|5900 | 5900 |192.168.1.2| +---+---++-+--+---+ Cheers, Carlyle -- Diese E-Mail enthdlt vertrauliche und/oder rechtlich gesch|tzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt|mlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ___ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
RE: Router/Firewall Settings for Port Forwarding Continued...
Carlyle Sutphen said: David, I may be wrong here since I have never actually set up port forwarding. But looking at the screenshot you pointed to, it looks like you may have misinterpretted the meanings of Start Port and End Port. I believe that Start Port refers to the port being accessed on the internet side of your router. End Port is probably the destination port on your internal computer. No, it allows you to specify a range of ports instead of just a single port. The NAT device just has a limitation that the external port is forwarded to the same internal port. For example if you put a rule to forward port 5900, the internal machine must be listening on 5900 (it can't be set to 5901 or 5902). -- William Hooper ___ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
RE: Router/Firewall Settings for Port Forwarding Continued...
Hey, I have read everyone's answers and I understand the router/firewall/VNC settings and my need for port forwarding, but I still do not understand what to actually do to workaround this problem. I am on a LAN and my IP address is w.x.y.z and I used to directly connect my computer to the ethernet. It is a dynamic address but it is always the same address (meaning I choose the automatically get address and it's dynamic and technically I guess it isn't static) but for all intensive purposes it remains as the same IP so I don't need a DNS service or anything... Anyway, from a different computer on the internet I log into http://w.x.y.z:5800 to access VNC. I tried two ways to set-up port forwarding with my Netgear. The first way was to forward the server IP address w.x.y.z for ports 5800 to 5900 (TCP service not UDP). The other way I tried was to forward the server IP address 192.168.1.2 (which is the IP my router assigns to my computer always as 192.168.1.1 is the router and I only have one computer so it's .2). Neither way works b/c as you said, it will forward a certain address with certain port numbers TO an IP address but not to an IP AND port. So if there was an option to forward w.x.y.z:5800 to 192.168.1.2:5800 everything would be fine. The reason I changed my router's IP to w.x.y.z was to make sure that was the problem and when VNC now thought the addy was w.x.y.z it worked (but obviously internet didn't b/c the router got confused). So basically, how can I set up port forwarding so that when I type in http://w.x.y.z:5800 it forwards to 192.168.1.2:5800 instead of just 192.168.1.2 b/c that's my problem right? I was thinking that since my router had a remote management feature (where I can type in http://w.x.y.z and I can log into my server settings from anywhere on the internet) that this might be causing a problem? B/c even though for remote management I have port 8080 lets say to log in, I don't even need to type a port to get to the router settings. I will try turning remote management of the server off and try both port forwarding addresses one more time, but I am at a loss on how to forward a TCP 5800 or 5900 to 192.168.1.2:5800 or PC1 and not just to 192.168.1.2. Any ideas If you click on the link below, you can view a screen shot of the only port forwarding settings I have with my Netgear. http://www.unc.edu/~dmcgibbo/crap/netgear.jpg And here's what my network looks like since I have one computer... I\ N| ++ T| w.x.y.z ||192.168.1.1 +--+ 192.168.1.2 E+--+ Router +--+ Pc 1 +- N| || +--+ E| ++ T/ This is correct, the problem is that the router has not been told that when someone on the internet wants to connect to the router (ie. w.x.y.z), with vnc (ie TCP port 5900), that the person really wants to connect to PC1, so would the router please be so kind as to forward the request on to PC1? You need to find out how to tell your router how to forward TCP 5900 (and ALSO TCP 5800; the Java stuff needs BOTH) to PC1. That is all you are missing! Right - that is the info that I need to fix this! Do other routers like Linksys have settings for ports and my Netgear just doesn't or what? Thanks for everyone's help! David ___ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
RE: Router/Firewall Settings for Port Forwarding Continued...
I've ignored this conversation up to this point, so excuse me if this information repeats. David said: [snip] So basically, how can I set up port forwarding so that when I type in http://w.x.y.z:5800 it forwards to 192.168.1.2:5800 instead of just 192.168.1.2 b/c that's my problem right? This doesn't make sense. All IP communication has an address and a port number. Your NAT device takes the information coming into it on port 5800 and forwards it to the internal server address on the same port (5800). I was thinking that since my router had a remote management feature (where I can type in http://w.x.y.z and I can log into my server settings from anywhere on the internet) that this might be causing a problem? B/c even though for remote management I have port 8080 lets say to log in, I don't even need to type a port to get to the router settings. You don't have to type a port because port 80 is the assigned port for HTTP. Your web browser assumes port 80 for HTTP unless you tell it otherwise. I will try turning remote management of the server off and try both port forwarding addresses one more time, but I am at a loss on how to forward a TCP 5800 or 5900 to 192.168.1.2:5800 or PC1 and not just to 192.168.1.2. Any ideas You are confused. If you click on the link below, you can view a screen shot of the only port forwarding settings I have with my Netgear. http://www.unc.edu/~dmcgibbo/crap/netgear.jpg As explained on the netgear page, the Server address should be the internal address of the machine running the server. http://kbserver.netgear.com/kb_web_files/N101145.asp I would suggest using two entries, one for port 5900 and one for port 5800 (both assuming your PC 1 is a MS Windows machine using the default settings. I see that your router also has a SPI firewall. Have you tried disabling it? And here's what my network looks like since I have one computer... I\ N| ++ T| w.x.y.z ||192.168.1.1 +--+ 192.168.1.2 E+--+ Router +--+ Pc 1 +- N| || +--+ E| ++ T/ You are trying to access VNC from a machine on the internet and not 192.168.1.2, right? -- William Hooper ___ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
