The problem is I can not get a consistent connection through TightVNC while the computer is inside our firewall. If it is outside the firewall we get a connection unless there is a problem with the computer on the clients end.
I have a network behind a Juniper Networks SSG5-serial-WLAN router/firewall/switch. It consists of WindowXP Pro boxes and a couple of linux servers. One of our clients has a Windows XP Pro computer behind a firewall with TighVNC Server running on it. I have a high speed (22M/5M) connection to the internet and I do not have a problem with any of my other VPN (out) connections (cisco/citrix/juniper). I believe they are using a cisco gateway/firewall.
The client has set up SecuRemote. We make that connection and then use tightVNC to get through to the computer. If I put our computer outside our firewall (directly on the Comcast router) the connection is made all the time. If I put inside our firewall (SSG5) the connection works 25% of the time. For example, yesterday, 11-5, it was inside our firewall and functioning fine all day. This afternoon (the first time they tried it since yesterday) it would not connect until I moved the computer outside the firewall. I have two computers set up to make this connection and the behavior is the same so It is not dependent on the computer. The securemote is on for only one computer at a time.
The client has been no help as, according to them, it works all the time for all their employees doing the same thing from home.
The SecuRemote (Checkpoint) is always on when the computer is on. Our staff will start TightVNC and click on connect. This causes SecuRemote to pop up asking for authentication. This happens 90% of the time whether it is inside the firewall and not. Then either the tightVNC fails or it connects. If it fails, sometimes it will work if they launch TightVNC again after authentication. If it fails the second time it fails until I move the computer outside the firewall.
I've checked the logs on the SSG5 and there is nothing in them about this or the VNC routing or ports or anything abnormal.
I have rebooted everything on my side approximately a zillion times since we got this client. I have tried RealVNC and it didn't make a difference.
The other issue is that the screen updates are crazy slow inside or out side our firewall. Again the client claims it's not for their employees. You can see the screen update in sections.
If it didn't work at all when inside the firewall that would make it easier. It's this working sometimes without any clue why it works or doesn't. I've turned on the TightVNC logging to the highest level and updated to the latest version and there is never a log generated. Just an empty file.
Ports 5800/5900 are forwarded, obviously since VNC works some of the time.
I do not want this computer to be outside our firewall. It makes everything harder (the staff can't easily access files on the common server). I would have to move other clients off of it and put a firewall on it. This just adds to my maintenance nightmares.
I need some clues on what to do to get it to work inside the firewall. Any ideas?
