fpipe and VNC from a NAT'ed WinVNC server
Jordan Share
iso9@jwiz.org
Thu Jan 30 15:22:01 2003
I'm having a bit of trouble understanding what your final goal is.
Is this the scenario?:
You are behind a firewall at work.
You are allowed to connect to port 80 on arbitrary external IP addresses
You make that connection directly, without using a proxy
At home, you'd like to have something listen on port 80, and redirect
connections to port 5900 on that same machine.
Is that accurate?
If so, then here is what I would do:
Get bouncer ( http://www.r00t3d.org.uk/bin/bouncer-1.0.rc6-win32.zip )
Run bouncer on your home machine with this command line: bouncer --port
80 --destination 127.0.0.1:5900
This will caust bouncer to listen on port 80, and redirect connections to
port 5900 on the local machine
At work, run vncviewer.
Connect to your.home.ip.address:-5820
(this works, because vncviewer connects to 5900+(number after colon), thus
5900+(-5820)=80)
Done.
You do have to have the allowloopback registry setting, but it sounds like
you do.
Jordan
> -----Original Message-----
> From: vnc-list-admin@realvnc.com [mailto:vnc-list-admin@realvnc.com]On
> Behalf Of Rick Mayweather
> Sent: Wednesday, January 29, 2003 3:12 PM
> To: vnc-list@realvnc.com
> Subject: fpipe and VNC from a NAT'ed WinVNC server
>
>
> Hello VNC users.
>
> I've been trying to understand how to setup a reverse data pipe
> or reverse
> proxy, or whatever you call it between a NAT'ed VNC server and the office
> with a very restrictive firewall.
>
> I don't want to and can't install ssh, nor can I use the
> vncviewer -listen
> with the winvnc -connect ip.of.vnc.client trick.
>
> So I want to configure fpipe to setup a directed reverse
> connection from my
> home VNC server to the office. From a lot of searching the web
> and previous
> posts and reading the fpipe docs, i've not seen a clear example for doing
> this yet, nor is it in the faq, maybe it's just not clear in my head.
> Indeed, it would appear that fpipe is the tool, although i'm not entirely
> sure that it can actually do this?
>
> My understanding is that this registry key is crucial to be set,
> so that we
> can connect to ourselves due to the pipe, can someone confirm this?
>
> HKLM\Software\ORL\WinVNC3\AllowLoopback
> Type REG_DWORD set to 1
>
> Where 45.43.43.43 is the work IP address (just a demo IP) and the NAT'ed
> WinVNC home host is on a private network, 10.x.x.x.x or 192.168.254.x
>
> So this is how I thought it should be, but it does'nt work, what
> have I done
> wrong?
>
> WinVNC client
> c:\> fpipe -l 80 -r 5900 -i 45.43.43.43 45.43.43.43
>
> WinVNC server
> c:\> fpipe -r 80 45.43.43.43 -l 5900
>
> WinVNC client connects to it's own IP, aka 45.43.43.43 on port
> 5900 and is
> forwarded through the reverse datapipe to the remote host.
>
> c:\> vncviewer
>
> This does'nt work, but is about as close as I can figure out how
> it should
> be.
>
> Can we FAQ this?
>
> I have read this publication with interest.
>
> http://www.csnc.ch/downloads/docs/techdocs/TCP-IP_GenderChanger_CS
NC_V1.0.pdf
fpipe homepage
http://www.foundstone.com/knowledge/proddesc/fpipe.html
Rick
_________________________________________________________________
Surf together with new Shared Browsing
http://join.msn.com/?page=features/browse&pgmarket=en-gb&XAPID=74&DI=1059
_______________________________________________
VNC-List mailing list
VNC-List@realvnc.com
http://www.realvnc.com/mailman/listinfo/vnc-list