OK, now I understand it sounds reasonable. But by placing that "PC than must not behind NAT" where it is it will not (as in NEVER) be able to be reachable by the PCs on the LAN side of the router behind NAT because that is the way these routers work. As far as they are concerned that PC is out on the internet somewhere and the whole purpose of NAT is to protect your LAN from the Internet.
You could try placing the "PC than must not behind NAT" on the LAN side to the router (i.e. take it off the hub, plug it to a LAN port on the router) and configure the router to place that PC in the DMZ (see pg 45 of the user manual, befw11s4_v4_ug.pdf). That way it is effectively now not behind NAT but it is on the LAN sub-net and so is reachable by the LAN PCs. Just understand that doing this means it is effectively out on the internet (but then it was anyway on the hub) and has none of protection offered by the router thus a good software firewall is essential (and all that that entials in getting VNC working! :-)) As to your last question. VNC should work with that (inasfar as I have experience of it) but you should note that most of these simple broadband routers normally can only port-forward a port to a single LAN IP address (ie a single PC); I can't speak for the Linksys, consult the documentation on that point. Thus you will have to carefully set up multiple port-forwardings (of ports 5900, 5901, 5902, etc) to point to individual LAN IP addresses if you need to use VNC to/from more than one PC and adjust VNC Display:-Display:9 accordingly on each PC to correspond with the port in use. Furthermore if you do adopt this approach you will probably need to make your LAN IPs static (otherwise there is the chance that DHCP will allocate PCs a different LAN IP address the next time they re-boot rendering your map of port-forwards to LAN IP address in-operable). One way of doing this is to give the PCs manually entered IP addresses outside the range allocated by the DHCP on the router. Some routers (e.g. Netgears) offer the facilty to map a specific PC MAC address to a specific LAN IP address, a quick skim of the Linksys did not reveal this feature, but again check the documentation. The use of ssh for secure connection is also a consideration (I use it to connect to work PCs where the corporate LAN firewall blocks VNC access on port 5900). Peter > Message: 17 > Date: Thu, 27 May 2004 18:31:32 -0400 > From: "Ron Crummett" <[EMAIL PROTECTED]> > Reply-To: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: Re: connection issues > > I appreciate the help lent me over the mailing list. The > question of why our network is set up the way it is has been > asked many times, it seems, so let me explain why we have it > set up thus... > > We are a small Internet consulting firm that moved into our > office space only two months ago. The neighboring company is > the ISP for the building complex and to get us on the > Internet ASAP (a necessity when your work revolves around > Internet access) they ran a LAN cable from their office to > ours, and we plugged the cable into our wireless router > (LinkSys Wireless Access Point Router, model #BEFW11S4). > > One of our projects required an Internet connection not > behind NAT, so to work around this problem, another box was > brought in - a 5-Port network hub (LinkSys, model #NH1005). > One cable ran from the hub into the computer that could not > be behind NAT, another from the hub into the WAN port on the > back of the wireless router. This way the office has > wireless Internet access and the machine that cannot be > behind NAT, is not. It is this machine that I am unable to > connect to. > > As I think about the project a little more I have to ask some > additional questions. The whole reason I am learning about > VNC is because I may need to remotely access computers > located throughout the Pacific Northwest. I am located in > Boise, ID and we will need access, for example, to three or > four computers located about two hours south of here. Will I > even be able to use VNC to access these computers, or am I > heading down a dead end? > > That's it from here. More to come as the plot thickens... > > Ron Crummett > CayNet Consulting > (208) 424-1228 office > (208) 850-6589 cell > http://www.caynetco.com _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
