A firewall that allows HTTPS (HTTP over SSL) traffic has to be more permissive, since it can't look inside the SSL'ed data. I think I know some folks who managed to make use of an HTTP to HTTPS proxy for RFB/VNC traffic. The remote "web server" has to handle the SSL, and initial HTTP command. Proxies differ wildly. Your mileage may vary. phil