Hi Hernan,
Is the VNC service using any UDP packets? Do you show any rejects in the
log? You may want to try a DNAT rule in place of the ACCEPT. Are you
connecting from the outside box to just one of the inside boxes or will the
connection need to involve more than one inside machine ("one to one" or
"one to many")?

Best regards,
Patrick

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Hernan Castaneda
Sent: Tuesday, August 17, 2004 10:33 AM
To: Linux Seguridad
Subject: [Security Firewall] Problem with VNC

Hi all,

I'm now configuring a VNC service and I'm having this situation:

In order to get it to work I added these new rules:

ACCEPT lan wan tcp 5900:5910
ACCEPT wan lan tcp 5900:5910
ACCEPT wan lan tcp 5500

I've an XP box connected to a public unprotected IP xx.xx.xx.xx. Now I'm able to connect from my clients behind the firewall to that box but not vice versa; when I try to establish a connection from xx.xx.xx.xx to one of my clients behind the firewall (I use my public protected IP on the viewer of the "remote" host) the connection on port 5900 is immediately in RESET state (I'm monitoring using iptraf).

Have I missed something maybe?

Best regards,
Hernan A. Castañeda Z

=====
"Stay Free, find your own path, live with greatness and pride. Just stay beside the things that are really eternal; otherwise keep flying..."
MORION ARBENET LUOSKRAD
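Patrick's suggestion of a DNAT rule in place of the ACCEPT, written out as an added example that is not part of the original messages. It assumes the rules in the post are Shorewall rules-file syntax; the zone names come from the post and every IP address is a constructed placeholder.

```conf
# Added illustration, assuming Shorewall-style rules:
#   ACTION  SOURCE            DEST                   PROTO  DEST-PORT
# 203.0.113.7 stands in for the outside XP box (xx.xx.xx.xx in the post);
# 192.168.1.x stands in for the clients behind the firewall.

# As posted: permits wan -> lan forwarding on the VNC ports but does not
# rewrite the destination. A viewer pointed at the firewall's public IP is
# answered by the firewall itself, never by an inside client.
ACCEPT  wan               lan                    tcp    5900:5910

# "One to one": forward port 5900 on the public IP to a single inside
# client, and only for connections coming from the outside box.
# This takes the place of the ACCEPT wan lan rule above.
DNAT    wan:203.0.113.7   lan:192.168.1.10       tcp    5900

# "One to many": one public port per inside client, each rewritten to that
# client's own port 5900 (the viewer connects to displays :1 and :2).
DNAT    wan:203.0.113.7   lan:192.168.1.11:5900  tcp    5901
DNAT    wan:203.0.113.7   lan:192.168.1.12:5900  tcp    5902
```

Restricting the SOURCE column to the one outside address keeps the VNC ports closed to the rest of the internet, which the posted wan-to-lan ACCEPT rules do not.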
