Results 1 to 3 of 3

Thread: Port Forwarding advice re VNC

  1. #1
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,731
    Blog Entries
    2

    Default Port Forwarding advice re VNC

    I have a network with a bunch of workstations configured as a workgroup. The System Administrator opened port 5900 for me and forwarded that to the wan side of the workgroup's router. I then forwarded from the router to one IP on the LAN side and tested VNC to control one of the computers remotely. It works fine on port 5900.

    Here's the question:
    The client now wants access to all the computers on the LAN via VNC. I believe I simply have to ask the System Admin to open a port range like 5900-6010 (instead of the single port 5900 for one computer) and forward port 5901 to the second computer on the LAN, 5902 to the third, 5903 to the fourth computer .... and so on.

    Am I right?

    Thanks
    Leap 42.3 & 15.1 &KDE
    FYIs from the days of yore

  2. #2
    ab@novell.com NNTP User

    Default Re: Port Forwarding advice re VNC

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Sure, but is that really the best thing in the world to do? You'll need
    to have a map of all the boxes' maps to port and you'll also need to
    train your users to use alternate ports with those maps. That's not
    hard, but you will also need to make sure you don't allow random
    stinkers to access these machines which means whitelisting your users'
    home address and hoping nobody figures out your users IP addresses and
    getting in. Also VNC is completely lacking in security on its own.

    A VPN (openvpn) would be easy, potentially free and would get past all
    of the above.

    Good luck.





    swerdna wrote:
    > I have a network with a bunch of workstations configured as a workgroup.
    > The System Administrator opened port 5900 for me and forwarded that to
    > the wan side of the workgroup's router. I then forwarded from the router
    > to one IP on the LAN side and tested VNC to control one of the computers
    > remotely. It works fine on port 5900.
    >
    > Here's the question:
    > The client now wants access to all the computers on the LAN via VNC. I
    > believe I simply have to ask the System Admin to open a port range like
    > 5900-6010 (instead of the single port 5900 for one computer) and forward
    > port 5901 to the second computer on the LAN, 5902 to the third, 5903 to
    > the fourth computer .... and so on.
    >
    > Am I right?
    >
    > Thanks
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFJEP4d3s42bA80+9kRAikHAJoDMWSNb3LbXnQ9yvw2uVP18OnmOACeOIb9
    Y6zOJMKd5+PmAxBDYmiJ0Ok=
    =S3mW
    -----END PGP SIGNATURE-----

  3. #3
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,731
    Blog Entries
    2

    Default Re: Port Forwarding advice re VNC

    I'm checking the openvpn site now -- thanks
    Leap 42.3 & 15.1 &KDE
    FYIs from the days of yore

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •