James,
You hit the nail on the head. Its working, after reducing my MTU.
Thanks!
Garry
James Weatherall wrote:
Garry,
The problem is probably that your VPN has an MTU smaller than the underlying
network, but that your servers are not detecting that correctly - this is a
very common flaw in many VPN setups, and will affect any protocol that
transfers non-trivial amounts of data, e.g. FTP, HTTP, etc.
You will find that VNC can connect and will attempt to authenticate you, but
that you'll then get a blank screen and an eventual disconnect error - this
is because your server's TCP/IP stack is sending network data segments that
are larger than the VPN can support, so it's simply dropping them. To the
TCP/IP stacks at both ends, it appears that the connection has been lost, as
a result. Because connecting & authenticating involve small amounts of
data, they don't exhibit this problem.
Regards,
Wez @ RealVNC Ltd.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Garry Dunn
Sent: 15 November 2005 01:20
To: [email protected]
Subject: Black screen/error 10054/VPN
To all,
I've been trying to get RealVNC (4.1.1) running through a VPN and I'm
having no luck. Could someone give me ideas as to what's
going wrong?
Here is the setup:
Computer A is in the main office. It sits behind a
firewall/VPN device.
Computer B is in a remote office. It sits behind a
firewall/VPN device.
Computer C is in a second remote office. It sits behind a
firewall/VPN
device.
Computer D is in a test site. It sits behind a firewall
without a VPN
connection.
I've got a public IP address I can hit for Computer A, B and
C and I can
get control over any of those VNC terminals from Computer D.
The same
goes for Computer A to Computers B or C (through the public
IP address).
If I try from Computer A to Computer B or C through the VPN
(using the
private IP), I will be asked for the VNC password, which it
will accept
and bring up a black remote screen. I never get the remote
desktop (the
screen is the correct size, but black). After roughly 15
seconds I'll
get the error code 10054 and the connection is lost. The remote user
tells me they can see the mouse moving on their screen. The
remote end
lists a 'timeout' as the reason for the connectionn being dropped.
It seems obvious the problem is related to the VPN (remember:
I can use
the public IP addresses without issues). But what is the
problem? I've
run a ping in the background while I'm trying to connect
through the VPN
and the computer will ping consistently (even after the error 10054).
The ping times are roughly 40ms to Computer B and 70ms to Computer C.
All the internet connections are DSL (1Mbit/s or greater--not
dial-up).
I've run through the archives and I think I've got everything covered
that is suggested there:
1) fast user switching is off
2) the rate limiting is on for mouse movements
I'm running Windows XP SP2 on Computer A and B. Computer C
is Windows
XP SP1. Computer D is Windows 98. I've tried RealVNC 3.7.7, 4.0 and
4.1.1. They all do virtually the same thing. I can telnet to the
private IP address (port 5900) and get the RFB response.
I've been playing with the firewall configurations to make sure that
port 5900 is passed through the firewall and it is. Based on the VNC
authentication being granted, I'd say that is true. But why do I not
get screen updates and lose the connection 15 seconds later?
Any ideas would be greatly appreciated.
Thanks,
Garry
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
--
Garry Dunn, P.Eng
Trellis Consulting
www.trellisconsulting.ca
705-792-9973 (Office)
905-302-7273 (Cell)
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
