On Tue, 03 Apr 2001 09:47:55 -0500, you wrote:
>If the firewall in question allows arbitrary
>outgoing connections (which is not uncommon), then you could simply have
>the service running on the server, run vncviewer in "listen mode" on your
>machine (the install should have placed such a shortcut in your start
>menu), and then issue a command to the server so that its WinVNC opens an
>outbound connection to your vncviewer. This would make the port
>irrelevant, and no services would have to be shut down, even temporarily.
>
>Which of course won't work if you are also behind a firewall or masquerade,
>unless you can configure your local firewall.
It's a big IF... The client's firewall is unforgiving. 25/80/81. I don't
even have outgoing http from the webserver to get upgrades!
I got vnc locally working on port 25 on my network after a huge amount of
research and piecing together incomplete advice from many sources. Now
just need to get its registry entries into VNC through my keyhole...
Why do we have to calculate stupid offsets from port 5900? Why can't the
docs make it clearer?
People use VNC because they can't be physically present at a machine.
That often means gui interaction is impossible. It should have a command
line single instruction interface too.
I already tried "regedit newkeysforVNC.reg" and it didn't appear to work,
regedit gui and pops up a dialog box. I had to kill it with my CGItools,
and wasn't sure if the values went in.
Now I'm struggling with perl Tie::Registry to update its entries, but this
is less than simple.
Stop press... while writing this I've just discovered that they've given
back my pcAnywhere access! I think they've realised that VNC and PCA are
practically the same thing and should really require opening another port
for it. They don't apparently know much about PCA or VNC and were too
worried about security breaches, though they asked me to use VNC instead
of PCA. Both are as secure as the choice of password, no?
Anyway, now that I've got the machine back with pcA, I still want to get
VNC working because I was so frustrated by it. I hope I can help someone
else in the future with a similar requirement.
Later...
I got winvnc to run on port 25! Wasn't easy, and a few things had to fall
into place beforehand.
Control Panel/Services
1. smtpsvc has priority, so that service starts automatically.
2. winvnc service should be manual start so doesn't conflict and
disable itself(?)
Registry
3. Took out winvnc -servicehelper command from
hklm\software\microsoft\windows\currentversion\run
4. Added "PortNumber" 0x00000019 (25) to
hklm\SOFTWARE\ORL\WinVNC3\Default
This corresponds to 'screen number' 4294961421 in the winvnc control
panel and viewer screen (eq, snoopy:4294961421)
5. Add "Password" and put in the encoded password from an existing setup
to hklm\SOFTWARE\ORL\WinVNC3\Default
(This should theoretically work, but I had to cheat and use pcAnywhere,
as the server prompted me for a password the first time it ran, even
though I put it in the registry first!)
Now all I have to do is use my CGI admin tools to stop smtpsvc and then
start winvnc and now I can use VNC on port 25 if and when I need it.
Now that I got my pcAnywhere back, this can remain a backup admin method
should something else go wrong.
VNC is interesting, but it isn't as polished as pcAnywhere, I particularly
miss the ability to transfer the clipboard and files.
Without pcA, ftp or Netbios I would have to use my Web CGI file manager to
upload and download files.
It was interesting using pcA to connect to the server, then using VNC from
there to connect back to my machine!
It also works with pcA and VNC from here connecting to the server - most
impressive. It's possible to daisychain connections in this way.
I didn't manage to exclusively install VNC from a command line issued over
CGI, but it's possible with someone who knows the software better than I!
>Since this "backwards" connection is something that has been in the
>internal ORL VNC server for a long time, but has only recently been
>released to the outside world, the best source of further information is
>probably right here in the mailing list. If we ask nicely, Wez might tell
>us how to do it ;-)
It'll be useful for someone else sometime!
Cheers,
Andy.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Haveland-Robinson Associates Tel. +36 30 223 2158
Budapest 1015, Donati u.17 fszt.1, Hungary Web: www.haveland.com
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
