Server uses wrong (internal LAN) IP
tmeador "at" kc.rr.com
Sat Jan 24 17:42:00 2004
* Seak, Teng-Fong <tfseak "at" futurmaster.com> [2004-01-24 08:41]:
> > -----Original Message-----
> > From: Tim Meador [mailto:tmeador "at" kc.rr.com]
> > > * Seak, Teng-Fong <tfseak "at" futurmaster.com> [2004-01-23 08:44]:
> > >> And of course an obvious question: is there any port filter on
> > >> the
> > >> cisco router? Or in other words, is at least the port 5900 is
> > >> allowed?
> > >>
> > > Well, when I started this, I *thought* it was...now I'm not sure.
> > > I'll
> > > be checking into it later.
> > OK, I've done some more work on this. It seems that my IT guy
> > actually
> > did what I asked him to for once. Before, he'd left a range of high
> > ports open, including 5900. A while back I was giving him a little
> > grief about how that was not cool, it would be too easy to hack our
> > systems and he should tighten things up at that Cisco router. So,
> > he
> > did - he closed ALL ports to the workstations except 5631, the
> > default
> Closing all! What a drastic measure!
But effective, and everything works fine. From any workstation I can do
email, surf the web, do uploads to websites, ftp, whatever. The Cisco
router handles everything. Port 5631 is the only one that needs to be
open all the way to the workstations.
> > for pcAnywhere. I've confirmed this with both nmap and telnet. He
> > never said anything to me, so I didn't realize he actually did it.
> > I
> Ah ha ha :-D Well, I understand completely your frustration, because
> I very often come across the same situation: my workmates have done
> something and they never don't *care* to tell anybody else about it.
> Not even one person! What a communication!
Yeah, I kinda wish he'd said something. Everything works normally, so
I had no clue of the change.
> > thought I could still use the default VNC port setup, but things are
> > nicely tightened up now except - the crazy guy left Telnet access to
> > the router open - AAARRRGGGHHHHH!!! I just can't make him
> > understand
> > that telnet is a Very Bad Thing...
> > Anyway, this newly restricted access is a Very Good Thing. But it
> > might
> > present a problem for me trying to use VNC. I think I can I can
> > reconfigure the VNC server to use port 5631 easily enough, but I
> > wonder
> > if that might cause any problems with pcAnywhere. I still can't
> > trash
> > pcAnywhere for several reasons. I'll still need it occasionally,
> > like
> > for file transfers (my understanding is VNC lacks this) and for
> > connecting to other workstations than mine.
But can I use port 5631 for pcAnywhere and VNC simultaneously? In other
words, pcAnyhwere AND VNC would be activated, listening for connections
at the same time, but not actually trying to run open sessions at the
same time, of course.
Ahhh - what the hey, I'm gonna pcAnywhere into my workstation, configure
VNC to use 5631, start it and see what happens right now. I'll know for
sure then! I'm going by the office later today anyway, so if it crashes
I can restart it then.
I'll post the results.
> > While I'm at it, one other quick question. Does VNC allow remote
> > printing from host to remote?
> Nope :( Of course, unless you've got some kind of IP printing to your
> remote machine.
Oooo...too bad. I may still have to keep Win4Lin on my home machine to
run pcAnywhere. pcAnywhere prints to my USB laser at home perfectly,
right through the Win4Lin guest OS, just like my host at work was
connected directly to it. Very nice. pcAnywhere is a hog, like all
Symantec software, but it does have some nice functionality. But once I
get VNC working, and if works well enough otherwise to worth more
effort, maybe I can think of something so I can still ditch
I'd kinda miss Win4Lin. It's great software, and has the best customer
support on the planet. Be nice to be 100% Windoze-free at home though.
Registered Linux user #266531