[clug] Access VNC server via DNAT

Joel Pearson pearj at writeme.com
Sun Sep 21 14:43:20 EST 2003 

Hmm,

I've noticed that port forwarding seems to work for web servers, because vnc
has that java viewer thing that runs on port 5800.  When I DNAT port 5800 I
can get the java viewer to start, but I can't connect to the VNC desktop
when I DNAT port 5900.  Is there any special settings that I need on the
firewall rule to make vnc happen? How can I find out what is happening to
the rule when I try to connect to port 5900?
I managed to find some program called vnc_reflector which acts as a vnc
proxy, but it maintains a connection to the client all the time, which isn't
quite what I want.  Plus its bugging me that this firewall rule won't work.

Any ideas why this isn't working anyone?

Thanks

Joel

"Joel Pearson" <pearj at writeme.com> wrote in
message news:bkhlq1$b0n$1 at sea.gmane.org...
> Hey,
>
> Ip forwarding is turned on, because ip masq works fine, but I just can't
> make port forwarding work.
> I tried omitting the port on the destination, but it didn't make any
> difference.
>
> Thanks
>
> Joel
> "Damien Elmes" <clug at repose.cx> wrote in
> message
news:86n0czy40n.fsf at mobile.repose.cx...
> > "Joel Pearson" <pearj at writeme.com> writes:
> >
> > > Hey,
> > >
> > > I have a vnc server that is on my local lan at home that I'd like to
be
> able
> > > to access from the internet via my internet gateway linux box.  I've
> read a
> > > little bit about it but I can't get my gateway to forward to ports,
I've
> > > tried this:
> > > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5904 -s
> 192.168.0.2 -j
> > > DNAT --to 192.168.0.25:5904
> > > But it says it can't connect to the server. At the moment I'm just
> trying to
> > > get the port forwarding to work on my local lan, but it doesn't seem
to
> be
> > > working. I've read of people haveing this working using a somewhat
> similar
> > > iptables command, is there some module I'm supposed to load to make
this
> > > happen?  My server is running RedHat 8 with iptables v1.2.6a
> > >
> > > Does anyone know why this isn't working?
> >
> > Have you turned on ip forwarding?
> >
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> >
> > (off the top of my head - path might be slightly different).
> >
> > Also, I think you can omit the port on the destination.
> >
> > Cheers,
> > -- 
> > Damien Elmes
> >
>
>
>
>

More information about the linux mailing list