Hello again,
One of my favorite free NT tools rinetd (http://www.boutell.com/rinetd/) can be used for this, but allow me to elaborate a little first... lets say your two interfaces have ip adresses: 1.1.1.1 for the external NIC 192.168.1.1 for the internal NIC Now the problem is that WINVNC listens on ports 5800 & 5900 on interface 0.0.0.0 ; that is : any (of th two) interface(s). You would like it to be possible to connect on interface 192.168.1.1 but not on 1.1.1.1 . Now if two applications listen on the same port, the application bound to a particular interface will take precedence over the application bound to 0.0.0.0 (ADDR_ANY). So if you make a "dummy" application bind specifically to interface 1.1.1.1 and listen to port 5800 & 5900 , WINVNC will never get any connection attempts from that interface. What I have tested in practice (and it works) is to have rinetd running rinetd -c noextvnc.cfg the contents of noextvnc.cfg being: deny * 1.1.1.1 5800 127.0.0.1 30000 1.1.1.1 5900 127.0.0.1 30000 - notice that the two last columns really doesn't matter, as connection attempts on 1.1.1.1 are rejected before being forwarded. WINVNC will only receive connection attempts on the 192.168.1.3 interface. Hope it helps/clarifies the issue. Cordiali saluti Rasmus E. Mxller IT Systemprogrammering PC Borupvang 4 2750 Ballerup Telefon: (+45) 44 74 37 75 Fax : (+45) 44 68 24 79 E-mail : [EMAIL PROTECTED] Web : http://www.topdanmark.dk Topdanmark A/S +-------------------------------------+ | Please disregard any information | | that is incorrect, illegitimate, | | inaccurate or simply misspelled. | | | | We take no responsibility for the | | inept postings of our employees. ;>)| +-------------------------------------+ ------------------------------ Date: Mon, 15 Oct 2001 15:17:49 -0700 From: MRZ <[EMAIL PROTECTED]> Subject: configuring on a multihomed NT server -redux Nothing in the archives addresses this directly, so if anyone can help - I'll be much obliged. I did ask this once before but I'd really like to know if there is a solution that maps closer to what I've asked below. So: I've installed VNC as a service on a multihomed NT 4 box. On closer inspection I've found that the VNC connection is bound to both of the network cards addresses'. This means that a port is open on the *outside* as it were.. So is it possible to specify which adaptor/ip address will be bound to, and if so - how? I've checked and rechecked the docs & FAQ and the closest solution I've found so far is to use the command AuthHosts, but that doesn't solve one of the fundamental problems for which I want to do this. Thanks again Marc. --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
