HELP! Router/Firewall with VNC Question

David dmc "at" unc.edu
Sun Apr 4 13:39:00 2004


Hey,
I have some more info on my Router/VNC problem.  I must be missing an easy
concept here about routers and the VNC program but here goes.  My routers
LAN IP was the default 192.168.1.1 which basically every consumer router is.
My IP addy from the internet is different than that so if I go to
myipaddress.com it will show my real IP addy not the 192.168.x.x one.
Anyway, I changed the router settings (specifically the LAN IP) to be the
same as my real IP address and when I tried VNC on different computers it
worked!  I thought everything was fixed b/c I could use http/java to log
into VNC as well as a VNC viewer on another PC to access it.  I could still
log into the router to change settings if I didn't do the :5800/:5900 port
so everything appeared fine.  However, on my client/host computer that the
router is hooked up to, I no longer had internet service :(  So I changed
the LAN IP back to 192.168... and now I have internet again but the VNC
doesn't work b/c the icon in the taskbar shows the 192.168 IP addy instead
of my real addy like when I changed it.  So what is the workaround and I
must be missing something b/c this is probably like this on every single
router - you have an IP from the internet and the router masks it and gives
out it's own IP's to each computers (which happen to be 192.168.x.x for most
routers) and you can port forward but VNC still thinks your IP is the
192.168 which you obviously can't log into from a different computer.  So
what do I do?

David


-----Original Message-----
From: David [mailto:dmc "at" unc.edu] 
Sent: Sunday, April 04, 2004 7:44 AM
To: vnc-list "at" realvnc.com
Subject: Re: HELP! Router/Firewall with VNC Question

Hello,
I still have questions about the router b/c it will not work.  I set up port
forwarding and then called Netgear and double-checked that it was set-up
right.  I have a service for port 5800-5900 set up for my IP address which
means if I log into my IP address from a computer at any port between
5800-5900, it should let it through the firewall.  However, on my computer
if I hover my mouse over winVNC, it doesn't show my IP address, it shows the
internal router IP address, you know the default 192.168.1.1 or .2 or .3
depending on which connection I'm on.  I can check this by trying to log in
on the same computer (which it won't connect b/c loopback connections aren't
allowed but I can tell if it would work) and if I do 192.168.1.2:5800 it
works fine (but then won't allow the loopback) but if I do my IP
address:5800 which is what I'd need to do to log into VNC from another
computer, it doesn't work.  Instead, if I remember correctly it tries to log
me into the router settings remotely - how do I fix this problem?  I think
that my forwarding is set-up right but I need VNC to know my real IP
address, not the default 192.168.x.x router one...

Thanks

David 






-----------------------------------------------------------
Message: 1
Date: Sun, 4 Apr 2004 00:42:40 +0000 (GMT)
From: "Scott C. Best" <sbest "at" best.com>
To: vnc-list "at" realvnc.com
cc: dmc "at" unc.edu
Subject: Re: HELP! Router/Firewall with VNC Question

David:
	Heya. First off, here's all the info you should need about
firewall/routers and how to get them to play nicely with VNC:

http://faq.gotomyvnc.com/fom-serve/cache/63.html

	As for your related question:

> My router is set up with WEP security, has a firewall, and I made it so
that
> only the MAC address on my wireless card is allowed access to the wireless
> router and turned off Broadcasting the SSID so no one else can use mine.
> I'd appreciate any help/advice in a workaround to VNC with my router and
any
> suggestions on how to increase security of the router (for instance,
should
> I change the router's IP from the default 192.168.x.x and what else can I
do
> for security)?

	In general, the security of the router can be measured by the
security of the services it allows to be accessed. So once you get the
router's "port-forwarding" setup to work with VNC, the question becomes:
how secure is your VNC Server? That is, did you choose a strong password,
do you have AuthHost settings, do you tunnel the connection thru SSH?
Even if your answer is "no" to some of these questions, you're several
orders-of-magnitude more secure than an average Windows user connected
directly to the Internet *without* a firewall/router.

hope this helps,
Scott

> I have always just used WinVNC by opening it on my computer and then
> accessing it from other computers at work or school or from friend's
> computers by opening IE and entering my IP address:5800.  I understand
that
> you can also use VNC by installing the VNC Viewer and using it that way
but
> most computers that I access mine from don't have VNC installed plus I
> didn't really understand how to use it.
>
> Anyway, my problem is that I now am on a Netgear router that I guess has a
> firewall and other stuff embedded so I can't use VNC anymore from other
> computers whether VNCViewer or using the IE/Java way.
<snip>

--__--__--

Message: 2
From: "Rodrigo Farias" <rodrigofarias77 "at" yahoo.com.br>
To: <vnc-list "at" realvnc.com>
Subject: VNC under router
Date: Sat, 3 Apr 2004 23:37:20 -0300

I have ADSL internet connection with SpeedStream modem. I've changed my
modem mode from brigde to router. I'm having trouble now to access my
computer using RealVNC from internet now...

My computers are 192.168.254.1 and 192.168.254.2. The modem is
192.168.254.254 (connected on hub's uplink port).

What could I do to solve this problem?

Regards.
Rodrigo


--__--__--

_______________________________________________


VNC-List mailing list


VNC-List "at" realvnc.com


http://www.realvnc.com/mailman/listinfo/vnc-list




End of VNC-List Digest