Date: Tue, 4 Apr 2000 21:59:15 -0700
From: Brent Kearney
To: David Daugherty
Cc: FreeBSD Questions
Subject: Re: WinVNC and natd
Message-ID: <20000404215915.C37389@kearneys.ca>

In addition to your configuration below, try also adding these firewall
rules (i.e., add them to your /etc/rc.firewall):

    # Allow connections for ip forwarding
    $fwcmd add pass tcp from any to reagan 5802 setup
    $fwcmd add pass udp from any to reagan 5802 setup
    $fwcmd add pass tcp from any to reagan 5902 setup
    $fwcmd add pass udp from any to reagan 5902 setup

And similarly for "lincoln". I'm using a pretty restrictive firewall
scheme, instead of "open", so I don't know that this will make a
difference in your case (it works for me though, with additional rules to
allow connections to ${oip} from the outside, on the specified ports).

I'm interested in knowing whether this works or not, as many people have
asked the same question.

-Brent

On Tue, Apr 04, 2000 at 09:19:29PM -0700, David Daugherty wrote:
> I'm trying to configure my router running 3.4-stable to divert packets to
> VNC boxes behind my router/firewall. In my natd.conf I have:
>
> n pn0
> unregistered_only
> use_sockets
> redirect_port tcp reagan:5802 5802
> redirect_port udp reagan:5802 5802
> redirect_port tcp reagan:5902 5902
> redirect_port udp reagan:5902 5902
>
> redirect_port tcp lincoln:5804 5804
> redirect_port udp lincoln:5804 5804
> redirect_port tcp lincoln:5904 5904
> redirect_port udp lincoln:5904 5904
>
> log yes
>
> I also have met all of the requirements in man natd like having:
> natd 8668/divert # Network Address Translation
>
> in my services file.
>
> my rc.conf has natd related stuff like:
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_type="open"
> natd_enable="YES"
> natd_interface="pn0"
> natd_flags="-f /etc/natd.conf"
>
> of course after pn0 is defined and started :)
>
> Now the problem. I can't connect through my router. VNC just tells me it
> can't find the server. From my understanding since I'm using 5802/5902 I
> should be connecting to display # 2 in VNC to get at reagan.
>
> I've tried debugging using tcpdump and looking in the alias.log but I
> never see anything of worth to tell me what's going on. Has anyone dealt
> with setting this kind of thing up?
>
> David
> doc@wcug.wwu.edu
> Washington State Resident
> ICQ 21106703

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
brent@kearneys.ca

It has been said that man is a rational animal.
All my life I have been searching for evidence
which could support this. -- Bertrand Russell
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
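Added example, not part of either message in this thread: a small sh function that turns the redirect_port lines of a natd.conf into the matching ipfw pass rule bodies, so a restrictive ruleset opens only the ports natd actually forwards. The function name natd_pass_rules and the sample input are constructed; it assumes single ports (no ranges) and that the ruleset already passes established TCP traffic.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the thread).
# Reads natd.conf text on stdin and prints one ipfw rule body per
# redirect_port line, in the form rc.firewall hands to $fwcmd.
natd_pass_rules() {
    while read -r keyword proto target alias rest; do
        # Ignore every natd.conf directive except redirect_port
        [ "$keyword" = "redirect_port" ] || continue

        # target is host:port; the rule matches the translated
        # (internal) destination, so the alias port is not used here
        host=${target%%:*}
        port=${target##*:}
        case $port in
            ''|*[!0-9]*)
                echo "skip: unsupported target '$target'" >&2
                continue ;;
        esac

        case $proto in
            # "setup" matches TCP packets with SYN set and ACK clear,
            # so it only makes sense on the tcp rule
            tcp) echo "add pass tcp from any to $host $port setup" ;;
            udp) echo "add pass udp from any to $host $port" ;;
            *)   echo "skip: unknown protocol '$proto'" >&2 ;;
        esac
    done
}

# Constructed sample input, modelled on the natd.conf quoted above
sample_conf='unregistered_only
use_sockets
redirect_port tcp reagan:5802 5802
redirect_port tcp reagan:5902 5902
redirect_port udp lincoln:5904 5904
log yes'

printf '%s\n' "$sample_conf" | natd_pass_rules
```

Each printed line can be prefixed with `$fwcmd` and placed in the firewall script; lines that are not single-port redirect_port entries are reported on stderr and skipped.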