Date:      Mon, 9 May 2005 19:33:21 -0400
From:      Calvin Lane <calvin.lane@gmail.com>
To:        Karan Gupta <kgupta@edgefocus.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: RealVNC
Message-ID:  <995be75e05050916331db78f13@mail.gmail.com>
In-Reply-To: <00ef01c554cd$c30aa210$442aa8c0@ping.co.la>
References:  <00ef01c554cd$c30aa210$442aa8c0@ping.co.la>

Hello Karan,

I have RealVNC going through a number of BSD firewalls/gateways. Most of my BSD boxes are 4.9 or 4.10. I'm using ipfilter as my firewall. Here is what I do:

in ipnat.rules

rdr xl0 xxx.xxx.xxx.xxx/32 port 5800 -> 192.168.0.12 port 5800
rdr xl0 xxx.xxx.xxx.xxx/32 port 5900 -> 192.168.0.12 port 5900

in ipf.rules

pass in quick on xl0 proto tcp from any to any port = 5800 flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = 5900 flags S keep state keep frags

These are the only lines that I use to connect to internal machines on VNC through my firewall. Let me know how this works for you.

Calvin Lane
calvin.lane@gmail.com

On 5/9/05, Karan Gupta <kgupta@edgefocus.com> wrote:
>
> Need help..have gone through google/docs but am still confused.
> I'm running,
>
> FreeBSD aaa.bbb.com; 4.9-RELEASE FreeBSD 4.9-RELEASE#4: aaa.bbb.com:/usr/src/sys/compile/GENERIC i386
>
> it's acting as a router running NAT, IPFW and DHCP
>
> INTERNET<------>fBSD<------>x.x.x.x(win2k machine running RealVNC server on the local network, it has a static IP)
>
> a.a.a.a: is the ext_ip_fbsd
> x.x.x.1: is the int_ip_fsd
> x.x.x.x: Win2k on the local network running RealVNC server
>
> I want to connect to the win2k machine from the internet.
> I have natd.conf with
> same_port yes
> redirect_port tcp x.x.x.x:5800-5900 a.a.a.a:5800-5900
> redirect_port udp x.x.x.x:5800-5900 a.a.a.a:5800-5900
>
> ###ipfw with#####
> ipfw -f flush
> ##### rl0 is the ext interface #####
> /sbin/natd -interface rl0 -s
> ipfw add 999 divert natd all from any to any via rl0
>
> I can get on the internet just fine, can ssh to the fBSD from the outside as well.
> Here's the nmap output,
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 443/tcp open https
> 587/tcp open submission
>
> I guess I need to open the ports on the firewall....nothing that I tried worked.
>
> Any suggestions?
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
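
The reply above pairs each ipnat.rules redirect with an ipf.rules pass rule; the following check for that pairing is an added example, not part of the original message. The sample rules, the documentation address 203.0.113.10, the extra 5901 redirect and all function names are constructed for illustration.

```python
import re

# Constructed sample input modelled on the rules in the message above.
# 203.0.113.10 stands in for the external IP; the 5901 redirect is added
# here to show a redirect that has no pass rule.
IPNAT_RULES = """\
rdr xl0 203.0.113.10/32 port 5800 -> 192.168.0.12 port 5800
rdr xl0 203.0.113.10/32 port 5900 -> 192.168.0.12 port 5900
rdr xl0 203.0.113.10/32 port 5901 -> 192.168.0.13 port 5901
"""
IPF_RULES = """\
pass in quick on xl0 proto tcp from any to any port = 5800 flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = 5900 flags S keep state keep frags
"""

RDR_RE = re.compile(
    r"^rdr\s+(?P<ifc>\S+)\s+\S+\s+port\s+(?P<eport>\d+)\s+->\s+"
    r"(?P<host>\S+)\s+port\s+(?P<iport>\d+)")
PASS_RE = re.compile(
    r"^pass\s+in\s+(?:quick\s+)?on\s+(?P<ifc>\S+)\s+proto\s+tcp\s+"
    r"from\s+(?P<src>\S+)\s+to\s+\S+\s+port\s+=\s+(?P<port>\d+)")

def parse_rdr(text):
    """Return (interface, external_port, internal_host, internal_port) tuples."""
    hits = (RDR_RE.match(line.strip()) for line in text.splitlines())
    return [(m["ifc"], int(m["eport"]), m["host"], int(m["iport"]))
            for m in hits if m]

def parse_pass(text):
    """Return {(interface, port): source} for inbound TCP pass rules."""
    hits = (PASS_RE.match(line.strip()) for line in text.splitlines())
    return {(m["ifc"], int(m["port"])): m["src"] for m in hits if m}

def audit(ipnat_text, ipf_text):
    """Pair every redirect with a pass rule on the same interface.

    ipfilter translates inbound packets before filtering them, so the
    pass rule is looked up by the translated (internal) port.
    """
    passes = parse_pass(ipf_text)
    missing, from_any = [], []
    for ifc, eport, _host, iport in parse_rdr(ipnat_text):
        src = passes.get((ifc, iport))
        if src is None:
            missing.append(eport)      # redirected, but nothing lets it in
        elif src == "any":
            from_any.append(eport)     # reachable from every source address
    return {"missing_pass_rule": missing, "open_to_any_source": from_any}

if __name__ == "__main__":
    print(audit(IPNAT_RULES, IPF_RULES))
```

The second list shows which forwarded VNC ports accept connections from any source address, which is the case for both rules in the message.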


