[clug] Access VNC server via DNAT
pearj at writeme.com
Sun Sep 21 14:43:20 EST 2003
I've noticed that port forwarding seems to work for web servers, because vnc
has that java viewer thing that runs on port 5800. When I DNAT port 5800 I
can get the java viewer to start, but I can't connect to the VNC desktop
when I DNAT port 5900. Is there any special settings that I need on the
firewall rule to make vnc happen? How can I find out what is happening to
the rule when I try to connect to port 5900?
I managed to find some program called vnc_reflector which acts as a vnc
proxy, but it maintains a connection to the client all the time, which isn't
quite what I want. Plus its bugging me that this firewall rule won't work.
Any ideas why this isn't working anyone?
"Joel Pearson" <pearj at writeme.com> wrote in
message news:bkhlq1$b0n$1 at sea.gmane.org...
> Ip forwarding is turned on, because ip masq works fine, but I just can't
> make port forwarding work.
> I tried omitting the port on the destination, but it didn't make any
> "Damien Elmes" <clug at repose.cx> wrote in
news:86n0czy40n.fsf at mobile.repose.cx...
> > "Joel Pearson" <pearj at writeme.com> writes:
> > > Hey,
> > >
> > > I have a vnc server that is on my local lan at home that I'd like to
> > > to access from the internet via my internet gateway linux box. I've
> read a
> > > little bit about it but I can't get my gateway to forward to ports,
> > > tried this:
> > > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5904 -s
> 192.168.0.2 -j
> > > DNAT --to 192.168.0.25:5904
> > > But it says it can't connect to the server. At the moment I'm just
> trying to
> > > get the port forwarding to work on my local lan, but it doesn't seem
> > > working. I've read of people haveing this working using a somewhat
> > > iptables command, is there some module I'm supposed to load to make
> > > happen? My server is running RedHat 8 with iptables v1.2.6a
> > >
> > > Does anyone know why this isn't working?
> > Have you turned on ip forwarding?
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > (off the top of my head - path might be slightly different).
> > Also, I think you can omit the port on the destination.
> > Cheers,
> > --
> > Damien Elmes
More information about the linux