sunray_2003
asked on
remote desktop fedora from windows
Hey gurus,
i have a linux box with fedora core 3. I want to do remote desktop to it from outside my office. I ran vncserver in my linux box and from my windows xp machine was able to use tightvnc viewer and was able to access the linux machine fine..
Now inside my office , i have a linksys router. I port forwarded the port 22 to my linux box. So from outside , i can ssh to my linux machine fine.
What I am trying to do now is to use tightvnc viewer from outside to see the linux box desktop. I read about opening ports 5802 and 5902 for tightvnc to work from outside the firewall.. Is that all I need to open in my linksys router or I have to do some changes to my linux box..
After doing the changes , what shud i give in my tightvnc viewer (ex ip address:port ) to get access to my linux box ..
Thanks
SR
i have a linux box with fedora core 3. I want to do remote desktop to it from outside my office. I ran vncserver in my linux box and from my windows xp machine was able to use tightvnc viewer and was able to access the linux machine fine..
Now inside my office , i have a linksys router. I port forwarded the port 22 to my linux box. So from outside , i can ssh to my linux machine fine.
What I am trying to do now is to use tightvnc viewer from outside to see the linux box desktop. I read about opening ports 5802 and 5902 for tightvnc to work from outside the firewall.. Is that all I need to open in my linksys router or I have to do some changes to my linux box..
After doing the changes , what shud i give in my tightvnc viewer (ex ip address:port ) to get access to my linux box ..
Thanks
SR
ASKER
Ah.. That adding of port number + session number is what I was not aware of .I shall try that in office tomm and see that would help me solve this one.
Thanks for the fast reply
SR
Thanks for the fast reply
SR
ASKER
hey , I forgot.. I connected to my office linksys box remotely and forwarded the port numbers 5901 to 5910 (tcp) and was able to remotely connect.. That was easy..
just one more thing.. Now when i started vncserver again , it went to 3.. what is the best way of stopping 1 and 2.. I know to kill the process using ps but i think there should be some command within tightvnc to do the same ..
SR
just one more thing.. Now when i started vncserver again , it went to 3.. what is the best way of stopping 1 and 2.. I know to kill the process using ps but i think there should be some command within tightvnc to do the same ..
SR
> best way of stopping 1 and 2
On Linux box,
vncserver -kill :1
vncserver -kill :2
Wesly
On Linux box,
vncserver -kill :1
vncserver -kill :2
Wesly
I'd use ssh's port forwarding instead of fiddling arround with your firewall/router
ASKER
One reason why ahoffmann's suggestion might help is that we have 2 linux box in our office . In my firewall , I have port forwarded port 22 to both of these linux.. lets say
linux 1 box .. ip address . 192.168.0.1
linux 2 box .. ip address . 192.168.0.2
In this case, from outside the network , if I do ssh , it looks to me the firewall checks the first 22 forwarding in the list and connects to that linux..
Not sure if SSH port forwarding might solve this issue and be able to connect to remote desktop..
linux 1 box .. ip address . 192.168.0.1
linux 2 box .. ip address . 192.168.0.2
In this case, from outside the network , if I do ssh , it looks to me the firewall checks the first 22 forwarding in the list and connects to that linux..
Not sure if SSH port forwarding might solve this issue and be able to connect to remote desktop..
hmm, you see that ssh is another big hole in the firewall ...
If you have multiple WAN IP on your office and your firewall support one-to-one IP mapping, then
you can map different WAN IP to LAN IP to solve this issue.
If not, then do port forwarding on firewall in this way
port 22 forward to Linux A 192.168.0.1:22
port 8822 forward to Linux B 192.168.0.2:22
For ssh into linux B, you type
ssh -X <WAN IP>:8822
Opening port on firewall is opening door to get into your LAN. If you aware of that and have good protection on
you host, then you can reduce the risk. No perfect way to protect your PC once it is on the network, anyway.
Wesly
you can map different WAN IP to LAN IP to solve this issue.
If not, then do port forwarding on firewall in this way
port 22 forward to Linux A 192.168.0.1:22
port 8822 forward to Linux B 192.168.0.2:22
For ssh into linux B, you type
ssh -X <WAN IP>:8822
Opening port on firewall is opening door to get into your LAN. If you aware of that and have good protection on
you host, then you can reduce the risk. No perfect way to protect your PC once it is on the network, anyway.
Wesly
ASKER
since I donot have multiple WAN IP, my only option would be the second which is
port 8822 forward to Linux B 192.168.0.2:22
here is the thing.. In my firewall (under port forwarding) , I can only give 3 numbers for ip address. It is like this
Application start end protocol IP
test 8022 8022 TCP 192.168.1.***
I cannot give more than 3 numbers in the last box (***) .. Is there something I can do about this..
port 8822 forward to Linux B 192.168.0.2:22
here is the thing.. In my firewall (under port forwarding) , I can only give 3 numbers for ip address. It is like this
Application start end protocol IP
test 8022 8022 TCP 192.168.1.***
I cannot give more than 3 numbers in the last box (***) .. Is there something I can do about this..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks wesly.. That was good learning experience for me ..
SR
SR
You are welcome.
Wesly
Wesly
ASKER
Any thoughts here
https://www.experts-exchange.com/questions/21363324/remote-GUI-access-to-Fedora.html
Should be pretty much same as this question
SR
https://www.experts-exchange.com/questions/21363324/remote-GUI-access-to-Fedora.html
Should be pretty much same as this question
SR
It depends on which session number you got when you run vncserver on Linux box.
If it is :1 , then you need to open port 5901.
So I would say that open port 5901-5910 on the firewall.
Also do the port forwarding on office firewall to forward all the request for 5901-5910 from outside firewall to
the LAN IP of your Linux box.
Then on your XP at home, use tighvnc viewer
<IP of your office firewall>:<port number>
port number = 5900 + session number
Wesly