On Fri, Feb 22, 2002 at 10:56:52AM -0600, [EMAIL PROTECTED] wrote: > > On a side note, I am testing this on two PCs here at work. With the > display number set to 59716 on one of them, I get the same RFB message > when trying to access it from a browser. While looking at the PC with > the 59716 display, and pressing "reload" on my browser pointed to > "http://<ip address>", I can see the screen flicker. If I telnet into > the PC with the 59716 display number and I get the RFB message. Not > sure if that helps any.
Are you telneting to port 59716 or port 80? Display numbers and port numbers are completely different (though linearly related) things. Display number 0 runs on port number 5900, display number 1 runs on port number 5901, and so forth: port = display + 5900 Port numbers wrap around at 65536, so display number 60000 runs on port 364 rather than 65900. If you have set the VNC display number to 59716, you should be able to test it with a telnet to port 80. There are a couple things going on here. One is that your corporate firewall blocks outgoing connections to arbitrary ports. Another is that your company also has a proxy server for HTTP service. This is demonstrated by the fact that you can do a "http://ip:port/"; and get a connection but can't telnet directly to the same address and port number. Going through the proxy server works fine for getting the VNC Java applet that is normally served on port 5800 because the applet is served via the HTTP protocol that the proxy knows how to deal with. After the Java applet loads and gives you the password prompt, however, it needs to open up a connection to the real VNC port (normally 5900) just like the vncviewer program does. This connection fails because it is not going through the proxy server. It is just like the telnet test. Redirecting the connection through the proxy probably isn't an option because the proxy server doesn't know how to handle anything but HTTP traffic. Your best bet is probably to try to find a port for which direct outgoing connectivity is allowed. 21, 22, 23, and 443 are likely candidates. Many proxy servers allow arbitrary protocols over the HTTPS port (443) because they can't do any real proxying of the normal encrypted connections anyway. However, unless it is a transparent proxy, you still have to have a proxy-aware application (which VNC is not) to initiate the connection. If there are absolutely zero ports that you can telnet directly to, then you will need to find a way to tunnel VNC over an allowed service. SSH might be a good candidate. I know you mentioned that getting the network admins to change the configuration was not an option, but I suggest talking to them anyway and getting detailed information about their configuration as well as asking them for suggestions as to how you can legitimately accomplish your goal in their environment. -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
