VNC (Free Version) does not allow access from outside ( windows 2003 server and win xp clients)

Hi,
I will start off with saying that I am not a 100% expert in networking or security.

 I have a customer who is a long way from us. Their network admisn have provided us a public ip address such as abcd@myco.com.au. So using "abcd@myco.com.au" , we log on to the customers server using Remote descktop, over INTERNET - broadband. we have access to the server as administrators and can run terminal sessions.

the server has lots of client pcs. I installed VNC( free version) on all clients and the sever as well. I wanted to get access to any Client PC using VNC, so

I have the client running the VNC server  - lets call the client pc "client1", ( and it is also set to start up on windows start). When I try to connect to the "Client1" usign VNC viewer on the  Server (abcd@myco.com.au), it just waits and says that it cannot connect "unable to connect to host  - connection timed out". HOWEVER,

I can connect the same way if I am physically in the LAN ( at the customers site I mean).  
I use the free version of the VNC . Only that I did not try "Tight VNC" ( i am not sure of the diffrence ). I tried with ip address, with the VNC Viewer listern running with no luck.

how can I configure VNC please  ?
Thanks.


indikadAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Jay_Jay70Connect With a Mentor Commented:
Hi indikad,

you will have to open port 5900 on the router so that you can pass through
0
 
warriorfan808Commented:
Jay Jay is right, you're going to have to port foward on the router.

Get Admin rights on the router.
Go into fowarding, specify a scope that includes 5900 and then select the IP Address of the workstation that you want to connect to through VNC.
This is going to be a pain because you'll have to do it whenever you switch client workstations.

I would suggest setting up a VPN and then using remote desktop to logon to each of the workstations.  If they have a VPN Server, even better.  If not, see if they're willing to get one.  A lot of times you can get a router with built in VPN capibilities.

Remote Desktop is also a lot better because the user wont see what your'e doing.

But if you want to stick with VNC, you're going to have to keep port fowarding.
0
 
indikadAuthor Commented:
Hi,

If you are talking about the port 5900 on the VNC service then it is set to "Accept Connections On Port" is ticked the box says 5900, by default.

so i think there must be a diffrent issue.

Indika.

0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
Jay_Jay70Commented:
talking about the actual router as described above
0
 
indikadAuthor Commented:
hang on sorry, i missed the part "router" let me see.

thanks.
0
 
r-kCommented:
I agree with warriorfan that Remote Desktop is the better option.

However "Remote Desktop is also a lot better because the user wont see what your'e doing"
this only applies when you connect to the server. When you connect to an XP client they will definitely notice, i.e. they will get locked out.
0
 
warriorfan808Commented:
However "Remote Desktop is also a lot better because the user wont see what your'e doing"
this only applies when you connect to the server. When you connect to an XP client they will definitely notice, i.e. they will get locked out.

I didn't mean that they wouldn't notice, but they wont see what you're doing.  You're right, they'll be locked out which is something that doesn't happen with the free version of VNC.  With that version, it's like doing remote assistance on msn messenger.

In fact, you might be better off using msn messenger if you want them to see what you're doing.
0
 
r-kCommented:
Yes, you're right. I just mis-read the statement. Sorry.
0
 
Rich RumbleSecurity SamuraiCommented:
Your reffering to "Remote Assistance" when using RemoteDesktop that allows the user to see what your doing. If you are unsure about the server having port 5900 or 5800 open to the rest of the internet, log on the pc (remotedesktop or from the lan via vnc, or physically at the console) and visit grc.com and run the "shields up" test. https://grc.com/x/ne.dll?bh0bkyd2  if port 5900 or 5800 are not open, then your router or firewall will need to allow them to that servers public ip. If the server isn't statically nat'd then you will need to port forward as indicated above.
-rich
0
 
indikadAuthor Commented:
Hi All,

all answeres has given me good insight in to the issue. I also wanted to split poionts however ended up giving Jay jay all points. do not know how to go back and rectify now. appologies and thanks again.

Regards,
Indika.
0
All Courses

From novice to tech pro — start learning today.