Link to home
Start Free TrialLog in
Avatar of brstores
brstores

asked on

Something blocking VNC

I have a Server 2003 box that I'm unable to VNC to remotely.  Something is blocking port 5900 and I don't know what it is.  Is there some way to identify what program could be doing this?  Here is what I know so far:
- I am unable to telnet to port 5900 from a remote computer.
- I am able to connect to the VNC server from the Server 2003 box using 127.0.0.1.
- I am unable to connect to the VNC server from the Server 2003 box using it's LAN address.
- Windows firewall is disabled.  For paranoia's sake I added an exception for port 5900.  It didn't help.
- SEP 12 is installed.  There is a central exception for port 5900 and for the VNC server application.  Even with the Symantec firewall disabled I'm unable to VNC to the box.  I was also unable to VNC to the box before SEP was installed.
- There are no other firewall/security programs installed.

What could I be missing here?  What else can I check?
Avatar of Hypercat (Deb)
Hypercat (Deb)
Flag of United States of America image

It's possible that something else that's installed on that server is using port 5900.  You can find out what's using that port by running the following at the command line:  netstat -ab (requires elevated command prompt).
Avatar of brstores
brstores

ASKER

@hypercat, I hadn't thought of that.  The command that you suggested shows only one program listening on port 5900.  That program was the VNC server.  I even shut down the VNC server and ran the command again just to see if another program may appear in its absence.

There is also the fact that I know that VNC is actually listening to 5900 and responding to requests due to the fact that I'm able to connect to the server locally by using the loopback address.  I don't think that there is a conflict with another program using that port.

Thank you for the idea.
What happens if you try to connect to it using http?  The URL would be http://ipaddress:5800
@hypercat, it connects.  I get a Java security error but it connects.  I'm also able to remotely telnet to port 5800.
So, it's listening on port 5800 with the correct IP address but not on port 5900.  That's odd.  If you go to your Start menu and navigate to the VNC folder (depending on your "flavor" of VNC it could be RealVNC, UltraVNC, etc.) and open the VNC Server program, it may tell you what IP address it's listening on for each of the ports 5900 and 5800.  Maybe it's listening on some other IP address for some reason.  Does this server have multiple NICs?
@hypercat, It's TightVNC.  It is indeed configured to listen on port 5900.  I am actually able to connect to the VNC server from the local machine if I use the loopback address.  I know that the server is working on the default port.
Yes, I get that, but I'm trying to figure out how you're getting to it on the loopback, but apparently it's not listening on the server's LAN IP address.  If you can connect to it on port 5800 at the server's LAN IP address, then that port is correctly listening, but yet port 5900 apparently isn't.  When you ran netstat -ab, did you see the server listening at port 5900 on it's LAN IP address or on the loopback? For example, on my workstation when I run the netstat -ab command, I see it listening at 0.0.0.0:5900 and then I see TCP [::]:5900 also listed. I do NOT see it listening on the loopback address for port 5900.

I'm using RealVNC, and when I look at the VNC Server properties, I see the address as 10.10.10.22 (my LAN IP addy) and the URL as http://10.10.10.22:5800.  I know that I can connect to this workstation both from the VNC viewer and from the URL.
When I run the netstat command I don't see any numeric IP addresses listed under the local address heading.  Everything there starts with the server name.
Aha - I see why. I was looking at output from a Windows 7 machine; Windows 2003 gives a different response to that command. Try netstat -an instead.  This should give you a list of protocol, local address, foreign address and state.
I ran it with the new switch.  There is an entry for 0.0.0.0 on port 5800, but not 5900.  There is no 5800 or 5900 for the LAN address.  There is an entry for 127.0.0.1 for port 5900.  You were right.  It's not listening for 5900 on the LAN address.  Why would this be?  When I mouse over the icon it states that it is listening on that address. Odd.
Check the DNS entries for this machine.  Does this machine have DNS server on it and/or do you have the loopback address listed as one of the DNS server addresses?  If so, I would remove it, restart the DNS server (if present), DNS client and VNC server services and see if that makes any difference.
The DNS servers for the NIC are set to in in-house server and Google's public server as a backup.  This machine is not a DNS server.  I restarted the DNS client and VNC server services and that didn't help.
Also make sure that the Remote Registry service on the server is running and set to start up automatically. That can cause problems connecting with RealVNC, but I don't know whether it's related to your specific issue here with TightVNC.  Failing that, the only other thing I can think of would be to uninstall and reinstall VNC.  Maybe something didn't get set up correctly during the initial install.
Remote registry is running and set to automatic.  I have actually uninstalled Tight, installed Real, uninstalled Real and reinstalled Tight.  The problem persisted throughout.
Reset the TCP/IP stack? I'm really beginning to think that this isn't a VNC issue at all. Here's an article if you want to try it:

http://support.microsoft.com/kb/317518/hu
I hadn't thought about doing that.  I reset the stack.  No help.

Don't get me wrong, I don't think it is a VNC issue either.  I think it is a problem with something blocking port 5900.
ASKER CERTIFIED SOLUTION
Avatar of Hypercat (Deb)
Hypercat (Deb)
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
OMG!  I didn't even see that.  That was it.  

I'm not using Ultra, I'm using Tight.  However, on one of the tabs was a very similar setting.  Hidden right in plain sight.  Jeesh.

Thank you for opening my eyes!
Glad I finally sussed it out; that one was pretty obscure. And all the different flavors don't help - RealVNC doesn't even have that option as far as I know.  Cheers!