While there is no guarantee that you can make this work, there are a few situations that will allow for VNC connections when a proxy is in effect. Unfortunately, if you can not install software at work your chances of getting this to work properly are reduced significantly.
Assuming somehow you can install (or download and run, since no actual installation is necessary) the vncviewer application, you may be able to try a few things. I will assume you use Microsoft Windows at work, since you are using Outlook (according to your mail headers).
The first thing to determine is whether your proxy is transparent or not. You have a transparent proxy if the proxy settings in Internet Explorer (or whichever browser you use) are not enabled. This may be a good thing, because the transparent proxy will try to proxy all web-like traffic without the application being aware. There have been reports of VNC working properly through proxies on port 443 (the https port, which can not be proxied intelligently because it is supposed to be encrypted). The trick is to get you public IP address at home (whether on a firewall as in your case or on a machine connected directly to the internet) to listen for VNC (the RFB protocol, usually on port 5900) on port 443. This will be easier if you firewall allows you to map PUBLIC_IP:443 to INTERNAL_IP:5900. Assuming you can do this, and assuming you have a transparent proxy at work, and assuming you can run the native vncviewer application (not the one served by the VNC web server), you should be able to connect to your home machine by specifying the display as IP_ADDRESS:443 (here the :443 will actually control the TCP port, not the VNC display number, which is usually offset by 5900).
As you can see, there are a lot of "if" clauses above. If it turns out that you are using a non-transparent proxy (which seems likely given your test case with browsing to port 5900), I'm afraid the solutions are a little harder. Many people have asked for a custom server that will serve the java viewer and then serve RFB on the same port. To my knowledge, this has never been implemented, and there are no projects working on it (if anyone knows differently, please speak up on this thread). This would be the *ONLY* viable way to do this without being able to use the native vncviewer on your work machine.
The excellent SSH client PuTTY allows connections via different types of proxies. It claims to allow connections via HTTP, SOCKS, and telnet proxies. You would need to configure it to allow a connection to an SSH server (not PuTTY) that you would have running on a machine at home. This can be the machine you wish to connect to or another machine behind your firewall (or one outside of your firewall, but this is not practical or necessary). You can then tunnel VNC over SSH, which is itself a chore. It goes without saying that this is not for the faint of heart.
It should also be noted that if it were possible for you to establish a tunnel using http with a tool like http://www.nocrew.org/software/httptunnel.html, then you may be able to get this to work. Again, this will require you install (or download and run) both the vncviewer and the httptunnel applications on your work PC. You will also need to configure the httptunnel server on your home PC and make the port publicly available though your firewall. It goes without saying that this is not for the faint of heart either, though it is simpler (though less secure) than the PuTTY solution.
Finally, there have been discussions regarding getting vncviewer to run directly via a SOCKS proxy. If you have a SOCKS 4/5 proxy server at work, you can read the archive at http://www.realvnc.com/pipermail/vnc-list/2000-September/016707.html for information on this topic. Of course in this situation PuTTY should be able to accomplish this as well (with a lot more work).
I wish you luck.
-Ben : )
At 11:50 AM 2/25/2004 , you wrote:
Hi ben,
Thanks for the answer. At work i am indeed behind a proxy. :-( Do you know how to deal with that? I am not able to install software at work?
Kind reguards, Ruud
-----Original Message----- From: Benjamin Watkins [mailto:[EMAIL PROTECTED] Sent: woensdag 18 februari 2004 20:20 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Connecting through FW
At work, are you able to telnet into the server on port 5900? It is possible that your browser is using a proxy server, which is why you can see the RFB 003.003 string. Telnet is the only reliable test you can use on this to show if the Java applet can actually connect directly to the machine.
You can also try using the native vncviewer to perform the same test. My guess is that your work has you behind a proxy, which will prevent any direct connections.
-Ben : )
At 02:00 PM 2/18/2004 , [EMAIL PROTECTED] wrote: >PS: Running on windows 2000 profesional sp3 > > >Thanks for the info...However > >* I am sure of the password... both are configured to be the same. >When I Use the viewer i get the message: failed to connect to server. >In the brouwser (5800) the java applet stats OK. >In the brouwser (5900) I get the result RFB 003.003 >I would like to specify How it does not work... But that would give me the >answer ;-) >Or am i forgetting something? > > > > >-----Message d'origine----- > > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Envoyi : mercredi 18 fivrier 2004 14:01 > > @ : [EMAIL PROTECTED] > > Objet : Connecting through FW > > > > I configured my firewall to transfer port 5800 (tcp) and > > port 5900 (tcp). > > At work I connect with MS-IE to the appropriate > > http://xx.xx.xx.xx:5800 > > and I see the java appled asking me to logon. However I am > > not able to logon. > > When I connect to http://xx.xx.xx.xx:5900 I get the reply > > RFB 003.003. > > So, both ports are working... but the combination is not. > > By the way, the separate viewer does not work either. > > HOW does it not work? You'd better precise it. Did you get password >prompt? Do you get a black window? Please don't just say "it doesn't >work". > > > What do i do wrong and how to solve it HELP > > > > Kind reguards, > > Ruud >_______________________________________________ >VNC-List mailing list >[EMAIL PROTECTED] >To remove yourself from the list visit: >http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
