remote port forwarding and vnc

mneevens@xs4all.nl mneevens "at" xs4all.nl
Sat Jan 24 20:33:01 2004


Thanks all,

I should have read the documentation more carefully,
when I posted my question I thought the (linux)vncviewer
client blocked the connection, now I understand (hope) that
the vncserver at work blocked the connection, because it thought
the connection was coming from localhost...
This Monday I'll do the registry thing at work and try again.

regards
Marijn

On Sat, 24 Jan 2004, Christopher Hickman wrote:

> If you are using WinVNC, then you need to set the LoopbackOnly option.
> I have run into this before.  Here's a excerpt from the documentation
> <http://realvnc.com/winvnc.html> that explains it:
>
> LoopbackOnly
> By default, WinVNC servers accept incoming connections on any network
> adapter address, since this is the easiest way of coping with
> multihomed machines. In some cases, it is preferable to listen only for
> connections originating from the local machine and aimed at the
> "localhost" adapter - a particular example is the use of VNC over SSH
> to provide secure VNC.  Setting this registry entry to 1 will cause
> WinVNC to only accept local connections - this overrides the
> AllowLoopback and AuthHosts settings.  Setting this entry to zero
> causes WinVNC to accept connections on any adapter and is the default
> setting. Local machine-specific setting.
>
> Local machine-specific settings. Options specified here are not
> overridable.
> Location:
> HKEY_LOCAL_MACHINE\Software\ORL\WinVNC3\
>
> Good luck,
> Topher
>
> On Saturday, January 24, 2004, at 07:19  AM, mneevens "at" xs4all.nl wrote:
>
> > Hi All,
> >
> > I just started to play with vnc, but I do have
> > experience with remote port forwarding with ssh.
> > This is the problem I encountered:
> >
> > At work, behind my employers firewall, I run the vnc server
> > (on windows 2000) on the standard 5900 port. I then use
> > a ssh client to connect to my linux machine at home, therebye
> > forwarding the remote port 5900 to the local port 5900 :
> > "ssh -l root -R:5900:localhost:5900 my.machine.at.home",
> >
> > When at home, I run the vncviewer (for Linux), I expected to get
> > my desktop at work when doing "vncviewer localhost", but the vncviewer
> > stops and says, "local loopback connections are disabled".
> >
> > I guess my port forwarding is not the problem: when I try to telnet
> > to localhost 5900, I get a response:
> >
> >> telnet localhost 5900
> > Trying 127.0.0.1...
> > Connected to localhost.localdomain (127.0.0.1).
> > Escape character is '^]'.
> > RFB 003.003
> >
> > The vncviewer seems to prevent users from connecting
> > to a server that runs on the same machine (because
> > it doesn't make sense to do that), but in my case
> > it does make sense, because I forwarded the port to
> > (the same portnumber on) the machine at work.
> >
> > What am I doing wrong?
> > I would very much appreciate suggestions or help.
> >
> > Thanks
> > Marijn
> > _______________________________________________
> > VNC-List mailing list
> > VNC-List "at" realvnc.com
> > To remove yourself from the list visit:
> > http://www.realvnc.com/mailman/listinfo/vnc-list
> _______________________________________________
> VNC-List mailing list
> VNC-List "at" realvnc.com
> To remove yourself from the list visit:
> http://www.realvnc.com/mailman/listinfo/vnc-list