I noticed that there were several questions regarding using VNC and
firewalls in the FAQ (50, directly and 51-54 indirectly) and a
write-up in the contrib section on the subject, so I thought I'd share
my experience with the community.
My setup: (Apologies to the ASCII art impaired :)
--------- ------------ ---------- ------------ ----------
| Home |---| Firewall |---|Internet|---| Firewall |---| Work 1 |
--------- ------------ ---------- ------------ | ----------
| ----------
\-| Work 2 |
| ----------
| ----------
\-| Work n |
----------
All the machines involved are linux boxen.
The home firewall disallows all incoming connections except ssh. The
work firewall does the same. Incoming ssh connections on the work end
are routed randomly (for load balancing) to one of a list of machines on
the internal network all of which have the same host keys. Given all that:
home$ ssh work
and
work1$ ssh home
work as expected. To get to a particular machine, work1 for instance,
on the work internal network one would do:
home$ ssh -t work ssh work1
That being said, in order to get Xvnc function from work to home, I do
the following:
home$ ssh -t work ssh work1 /pathtovncserver/vncserver :2 ; ssh -g -R 5902:work1:5902
home
then, in a separate xterm:
home$ vncviewer localhost:2
(The reverse connection is necessary since the firewalls don't allow
any ports but the SSH ports through.)
I'd like to hear from anyone in similar circumstances that's doing
something different.
Bill.
--
Bill Barth | Home: (512) 797-3045
[EMAIL PROTECTED] | Work: (512) 471-4069
Office: WRW 111 | Fax: (512) 232-3357
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
