----- Original Message -----
From: "Salvatore Basso" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 29, 2003 6:11 PM
Subject: Re: Accessing Windows VNC trough a Linux Gateway
> ----- Original Message -----
> From: "Joe Kexel" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, October 27, 2003 11:55 PM
> Subject: Re: Accessing Windows VNC trough a Linux Gateway
>
>
> > If, by gateway you mean simple NAT, do a port forward using whatever
> > commands related to your style of gateway, ipchains or iptables. This
can
> > be easy or hard depending on the default policies.
> >
> > With iptables it would look like this
> >
> > /correct_path/iptables -t nat -A PREROUTING -i {external interface} -p
tcp
> > --dport 5900 -j DNAT --to {internal machine's IP address}:5900
> >
> > Choosing a strange port on the external interface would make your setup
> > less obvious. Its not more secure, but full port scans are less common
> > since ISP have gotten more aggressive, so most amateur attacks will not
> > find you.
> >
> > And I believe you need ipmasqadm or ipportfw for ipchains, but its been
a
> > while since I used that.
> >
> > A more secure method would be to use the SSH on the linux box to port
> > forward and encryt the connection. It requires a password and does not
> > create a permament port forward. Use putty for example and enter:
> >
> > putty -ssh -2 -C -t -l username -L 5900:{ip of host}:5900 {ip of
gateway}
> >
> > Enter password when asked, then vncviewer to your localhost. I use a
user
> > reserved for this use and edit the passwd file so /correct_path/cat is
the
> > shell for that user.
> >
> > Dig in! You will get running eventually.
> >
> > Denilson Amaral Zimmermann said:
> > > Hello all !!
> > >
> > > I have VNC installed on a win 98, but my internet is connected on a
> Linux,
> > > which is my gateway.
> > >
> > > Can i access windows VNC through linux gateway??
> > >
> > > Regards !!!
> > >
> > > Denilson A. Zimmermann
> > > Technical Support
> > > Brazil
> > > _______________________________________________
>
> Hello, I have a machine with private IP with nat on public IP (this
machine
> already I offer other services as HTTP and it is work without problems),
to
> the inside of my script based on iptables has inserted is:
>
> iptables -t nat -A PREROUTING -p TCP -i $INET_IFACE -d $HTTP_IP --dport
> 5900 -j DNAT --to destination $DMZHTTPIP
>
> that:
>
> iptables -t nat -A PREROUTING -i $INET_IFACE -p TCP --dport 5900 -j
> DNAT --to $DMZHTTPIP
>
> where:
>
> INET_IFACE --> public IP on the firewall
> DMZHTTPIP --> private IP for my server
>
> but however I do not succeed to approach always receiving the following
> message:
>
> unable to connect to host: Connection timed out (10060)
>
> you have some suggestion?
> the version that use is the 4 beta and the server part is installed on
> win2000 server. Thanks.
>
> - Salvatore
>
> ---
> [This E-mail scanned for viruses by Declude Virus]
> _______________________________________________
Hello, I make excuses with all you I have understood where I had mistaken,
the error had had to a regarding line works it FORWARD in my script ! I
still ask excuse.
- Salvatore
---
[This E-mail scanned for viruses by Declude Virus]
_______________________________________________
VNC-List mailing list
[EMAIL PROTECTED]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
