Jerome R. Westrick
jerry "at" westrick.com
Fri May 28 08:04:00 2004
On Fri, 2004-05-28 at 00:31, Ron Crummett wrote:
> I appreciate the help lent me over the mailing list. The question of why our network is set up the way it is has been asked many times, it seems, so let me explain why we have it set up thus...
> We are a small Internet consulting firm that moved into our office space only two months ago. The neighboring company is the ISP for the building complex and to get us on the Internet ASAP (a necessity when your work revolves around Internet access) they ran a LAN cable from their office to ours, and we plugged the cable into our wireless router (LinkSys Wireless Access Point Router, model #BEFW11S4).
> One of our projects required an Internet connection not behind NAT, so to work around this problem, another box was brought in - a 5-Port network hub (LinkSys, model #NH1005). One cable ran from the hub into the computer that could not be behind NAT, another from the hub into the WAN port on the back of the wireless router. This way the office has wireless Internet access and the machine that cannot be behind NAT, is not. It is this machine that I am unable to connect to.
> As I think about the project a little more I have to ask some additional questions. The whole reason I am learning about VNC is because I may need to remotely access computers located throughout the Pacific Northwest. I am located in Boise, ID and we will need access, for example, to three or four computers located about two hours south of here. Will I even be able to use VNC to access these computers, or am I heading down a dead end?
> That's it from here. More to come as the plot thickens...
I support servers on 3 continents.
I use vnc to remotetly access them every single day.
This is not a dead end.
But, you definatetly need to add security to the vnc
I'm fortunate in that the servers I support are all
Linux, all are firewalls, and all have ssh open,
and all under my controll.
So that I can ssh to an through the servers, to all
machines behind them.
If you can require the same, then once ssh is set up
the rest is easy and very maintainable...