Network routing mystery; ssh works, vncviewer doesnt
John Abreau
jabr at blu.org
Mon Nov 28 17:26:39 EST 2005
Sarah McGlinchey <sarahwithanx at gmail.com>Sarah McGlinchey wrote:
> If you SSH to a machine on the same subnet, can you telnet to VNC?
> This will at least tell you if it is an issue with the VNC host or
> your remote connection.
>
> If there are no firewall rules to force it to do so, OpenVPN is not
> going to treat connections to 5902 any different than 22. I would
> suggest you verify VNC is accepting outside connections (including
> ones from the OpenVPN subnet). Otherwise you may want to look at any
> firewall rules in between you and the server.
When I telnet to port 5902 from another machine on the same subnet as
the remote machine, it connects.
When I telnet to port 5902 from the OpenVPN server, it connects.
The remote machine is the OpenVPN client; it initiates the conenction to
the OpenVPN server on my local end, if that makes any difference. The
remote Windows XP users I need to support are also clients connecting
into my local OpenVPN server.
The OpenVPN server uses the tap0 interface in routing mode; its iptables
rules include the following:
# Allow OpenVPN traffic on tun and tap interfaces
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i tap+ -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tap+ -j ACCEPT
As I understand it, this should allow all traffic over the tap0
interface, and not filter any of it. Is this correct?
Hm, there are rules allowing ports 22 and 80 on the server, but none for
vnc. I'll try adding one for 5902 and see what happens. I would have
thought the above rules made those others irrelevant for tap0, but maybe
I was mistaken.
--
John Abreau / Executive Director, Boston Linux & Unix
ICQ 28611923 / AIM abreauj / JABBER jabr at jabber.org / YAHOO abreauj
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jabr.vcf
Type: text/x-vcard
Size: 175 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20051128/7cdace38/attachment.vcf>
More information about the Discuss
mailing list