Router/Firewall Settings for Port Forwarding Finally Solved!

David dmc "at"
Mon Apr 5 18:37:00 2004

Hey Everybody,

I just wanted to write to thank everyone for their help in fixing my VNC
problems.  I couldn't figure out why my port forwarding wasn't working and
why I didn't have access to VNC, and that's why I started with square one
with the networking questions.  It turns out that my Netgear router isn't
very smart, and I had the settings correct the entire time.  I had remote
management turned on (to access router settings remotely) and that is what
was blocking VNC.  Unlike Linksys routers that allow you to forward one IP
and port to another IP and port, my Netgear does not allow you to add port
information.  Remote management of the router and VNC used the same address
and different ports so whenever I tried to access VNC it wouldn't work (b/c
the Netgear Router doesn't also forward the port number).  Turning off
Remote management fixed my problem and now it works.  I've learned a lot
about VNC and Networking in the process and from reading the FAQ and your
posts, now I just wish that VNC included the ability to save files to
different computers without having to email/transfer them a different way.
I wonder if the 4.0Beta of RealVNC is worth a download.  Anyway, thanks
everyone for your assistance!






From: Robert [mailto:kerplop "at"] 
Sent: Monday, April 05, 2004 12:02 PM
To: David
Subject: Re: Router/Firewall Settings for Port Forwarding Continued...


David wrote:

I have read everyone's answers and I understand the router/firewall/VNC
settings and my need for port forwarding, but I still do not understand what
to actually do to workaround this problem.
I am on a LAN and my IP address is w.x.y.z and I used to directly connect my
computer to the ethernet.  It is a dynamic address but it is always the same
address (meaning I choose the automatically get address and it's dynamic and
technically I guess it isn't static) but for all intensive purposes it
remains as the same IP so I don't need a DNS service or anything...
Anyway, from a different computer on the internet I log into
http://w.x.y.z:5800 to access VNC.  I tried two ways to set-up port
forwarding with my Netgear.  The first way was to forward the server IP
address w.x.y.z for ports 5800 to 5900 (TCP service not UDP).  The other way
I tried was to forward the server IP address (which is the IP my
router assigns to my computer always as is the router and I only
have one computer so it's .2).  Neither way works b/c as you said, it will
forward a certain address with certain port numbers TO an IP address but not
to an IP AND port.  So if there was an option to forward w.x.y.z:5800 to everything would be fine.  The reason I changed my router's
IP to w.x.y.z was to make sure that was the problem and when VNC now thought
the addy was w.x.y.z it worked (but obviously internet didn't b/c the router
got confused).  
So basically, how can I set up port forwarding so that when I type in
http://w.x.y.z:5800 it forwards to instead of just b/c that's my problem right?  I was thinking that since my
router had a remote management feature (where I can type in http://w.x.y.z
and I can log into my server settings from anywhere on the internet) that
this might be causing a problem?  B/c even though for remote management I
have port 8080 lets say to log in, I don't even need to type a port to get
to the router settings.  I will try turning remote management of the server
off and try both port forwarding addresses one more time, but I am at a loss
on how to forward a TCP 5800 or 5900 to or PC1 and not just
to  Any ideas????
If you click on the link below, you can view a screen shot of the only port
forwarding settings I have with my Netgear. Definitely belongs in the space you've indicated.
I don't know so much about your port range, though.  I would do TWO ranges
of 5800-5809 and 5900-5909.  The Java viewer app uses ports in the 59xx
range; the vncviewer uses the 59xx range. 

For instance, here is a remote screenshot of my junky Win98 box, with the
router's forwarding screen displayed.  This is using the vncviewer program
in Linux. I'm looking at port 5903, entered as

Now, I'm gonna break this connection and do it with browser's java plugin
using port 5803. Here it is:

Now, for the final touch.  I'm gonna look from the Windows box back toward
myself but do it strictly via the LAN.

Once you think you have your router set up right, start your VNC server,
browse to and click the button to see if they can
see your server.  If they can, it'll work; if not, it's back to the drawing

And here's what my network looks like since I have one computer...
N|          +--------+                         
T|  w.x.y.z |        |   +------+
E+----------+ Router +--------------+ Pc 1 +-------------
N|          |        |              +------+
E|          +--------+            
"This is correct, the problem is that the router has not been told 
that when someone on the internet wants to connect to the router 
(ie. w.x.y.z), with vnc (ie TCP port 5900), that the person really
wants to connect to PC1, so would the router please be so kind as to
forward the request on to PC1?
You need to find out how to tell your router how to forward TCP 5900
(and ALSO TCP 5800; the Java stuff needs BOTH) to PC1.  That is all you
are missing!"
Right - that is the info that I need to fix this!  Do other routers like
Linksys have settings for ports and my Netgear just doesn't or what?
Thanks for everyone's help!
VNC-List mailing list
VNC-List "at"
To remove yourself from the list visit:

Adde parvum parvo manus acervus erit.
        [Add little to little and there will be a big pile.]
               -- Ovid
 10:21:00  up 11 days, 21:59, 12 users,  load average: 1.32, 1.38, 1.48
     One billion seconds ago it was 08:34:20 CDT Fri 07/28/72
Repeat after me: "The primary purpose of any government
entity is to employ the unemployable."

[demime 0.99d.1 removed an attachment of type image/jpeg which had a name of image001.jpg]

[demime 0.99d.1 removed an attachment of type image/jpeg which had a name of image002.jpg]

[demime 0.99d.1 removed an attachment of type image/jpeg which had a name of image003.jpg]