OK, now we're getting into the nitty-gritty. This is proving far more difficult than it should be! I've turned on extensive logging of ssh packets and include the relevant logs here. First though, let me try to explain the two scenarios - the working and the non-working:
I have a PAT on our firewall that redirects SSH traffic to my Linux machine at work. So that might look something like this: _____ ______ _______ | | SH2 Traffic | | | Work | | Home|---------------| PAT |-------------| Linux | |_____| |______| |_______| 192.168.1.2 172.15.20.1 172.168.10.54 tgl8b/laptop middleman cfd1 (I've just made up the IP addresses for the purposes of this example - the PAT is of course a non-private IP address). tgl8b is a linux machine running OpenSSH and linux vncviewer, while laptop is a Windows2000 machine running Putty and a windows vncviewer. So I sit on tgl8b, open an SSH connection to middleman, and that is redirected to cfd1. I invoke it with the command ssh -L5901:middleman:5901 and if I then start vncviewer on tgl8b, everything is fine. If I use laptop, I use Putty to connect. I set up the tunnel so that the tunnel window says: L5901 172.15.20.1:5901 I then start vncviewer, point it to localhost:1 and it *does* connect, but ought to then pop up a dialog box asking for a password. It does nothing. However, if I carry the laptop into work and simply replace the IP address for middleman with the IP address for cfd1, and connect as follows: _____ _______ | | SH2 Traffic | Work | | |---------------------------| Linux | |_____| |_______| 192.168.1.2 172.168.10.54 tgl8b/laptop cfd1 Then when I connect to localhost:1 I get a window requesting a password. Once I've logged in, up comes the vncviewer and everything is fine. Now I collected the SSH traffic in a Putty log file from these two cases, and the ONLY difference in the log files (apart from the actual vncviewer traffic which isn't present in the one that never asked for a password) seems to be that the connection through middleman contains a large number of lines saying: Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE) Any experts out there who would like to see the whole logs, please let me know. If I had to guess, I would say that Putty isn't tunnelling the port, it's just forwarding it - but that couldn't be the case could it?? Ron Cheers Ron Ron Cresswell Principal Scientist James Hardie Research Ph +61-2-8845-3382 Fax +61-2-8845-3222 ###################################################################### This message is intended for the use of the party to whom it is addressed and may contain information which is confidential. If you are not the intended recipient and have received this communication in error, please notify us by telephone and either return the original message or ensure its destruction. Any dissemination or copying of this communication and its attachments by anyone other than the party to whom it is addressed is strictly prohibited. ###################################################################### _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
