Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 456
  • Last Modified:

VNC Multiple Computers behind firewall

I have a multiple computers behind a firewall each with VNC. I need to understand : If I have 10 computers using VNC...do I need 10 port forwards? Is there some solution like team viewer has?
0
Starquest321
Asked:
Starquest321
5 Solutions
 
techawayCommented:
For you to get better answers, it is good to include some more info about what you wish to achieve with the 10 PCs inside the firewalled zone. How is your VNC setup going to be? Each of these 10 computers are VNC servers or clients with a listening server outside the network? Are you trying to connect to the computers for remote support while you are outside the network?  

I can't see why you would go through all this instead of just using Cisco's Meraki dashboard though. It gives you more tools to play with and you can manage and remote support. The remote connection feature is pretty much VNC based. Details, go to meraki.com

Anyway, to answer the question about port forwarding, it depends on your firewall. If you have a half decent firewall, you should be able to specify rules for a range of ip addresses. So in the case of VNC, you would need to allow traffic for ports (5900 for connections and port 5800 for download requests) to go only to the 192.168.1. 2 -192.168.1.11 or whatever the range of 10 machines is. For more about VNC ports go to https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
 
Starquest321Author Commented:
Let me be clear:

I am trying to to connect to the computers for remote support while you are outside the network.

Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
0
 
Istvan KalmarCommented:
Hi,

What type of firewall do you have, it is better if you use VPN, and in this case you nott need to open ports on firewall
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Starquest321Author Commented:
I have a Cisco:: Linksys RVS4000 Regarding the VPN . . .good idea.
But just so I get further clarity on VNC:

If I have 10 computers behind a firewall. For VNC to work I need to do 10 port forwards for the indivdual IPS?
0
 
techawayCommented:
Starquest321, sorry to sound like a broken record but give Meraki (https://account.meraki.com/login/new_account) a shot. It's free. You will achieve what you are trying to get done, namely :
Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
plus you will be able to have a better view of your network. That is why I am recommending Meraki dashboard. It INCLUDES remote (VNC based) connections to the computers that you will install meraki agents on. The only configuration involved is installing Meraki agents on the 10 computers. It's so easy.

Anyway, to answer your question, in the link I sent you in my earlier response, it specifies :
Note: When connecting to VNC Server, a user must qualify the host computer’s network address with the port number in all cases except when VNC Server is listening for connections on port 5900 only.....
 Where is the VNC server in your case? Outside the network or is each of the 10 pcs an individual vnc server that you will connect to from outside? VNC connections are all server-client connections. You connect to a listening server.  
VNC Server can listen on the same port for connections and download requests. This may simplify firewall configuration and make the host computer more secure.
That is what was in my earlier link https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
 
Starquest321Author Commented:
Signed up for Meraki. You say its free - I am trying to understand before I go through all the trouble. Does this Meraki come with All Linksys :: Cisco devices or free for limited devices or what? I can't find their pricing but I do see "Sales"
0
 
Starquest321Author Commented:
License information
License status      Ok
License expiration [Help]      N/A
License limit      Current device count
Add another license
License History [Help]

No valid licenses found
0
 
Craig BeckCommented:
If you have one IP address on the WAN of your router you will need to port forward 10 different ports on the outside to your 10 VNC servers on the LAN.  So you would have to say forward 5900 to 5900 on VNC server 1, then forward 5901 to 5900 on VNC server 2, then forward 5902 to 5900 on VNC server 3, and so on.  You get what I mean?

If you have multiple IP addresses on your WAN port you could use one IP for each VNC server, so you would forward external IP 1.2.3.4 to VNC server 1, 5.6.7.8 to VNC server 2, 9.10.11.12 to VNC server 3, and so on.  Obviously you'd need 10 external IPs for that, so this is unlikely.
0
 
techawayCommented:
Meraki is part of Cisco's offering of firewalls,access points and other network appliances. If you had a Meraki (hardware) firewall you would need to purchase a license for it. This is not currently required for you to do what your main question was. If you want to do even more with than you can at the moment with your dashboard, you would need to get a Meraki firewall or access point etc. I currently use it comfortably in both networks that have Meraki network appliances and those that do not have any Meraki network devices.
0
 
Starquest321Author Commented:
So Meraki is like Teamviewer? Just install agents and remote desktop into the machines?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now