Solved

VNC Multiple Computers behind firewall

Posted on 2014-10-08
10
367 Views
Last Modified: 2014-10-25
I have a multiple computers behind a firewall each with VNC. I need to understand : If I have 10 computers using VNC...do I need 10 port forwards? Is there some solution like team viewer has?
0
Comment
Question by:Starquest321
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 2

Assisted Solution

by:techaway
techaway earned 300 total points
ID: 40370016
For you to get better answers, it is good to include some more info about what you wish to achieve with the 10 PCs inside the firewalled zone. How is your VNC setup going to be? Each of these 10 computers are VNC servers or clients with a listening server outside the network? Are you trying to connect to the computers for remote support while you are outside the network?  

I can't see why you would go through all this instead of just using Cisco's Meraki dashboard though. It gives you more tools to play with and you can manage and remote support. The remote connection feature is pretty much VNC based. Details, go to meraki.com

Anyway, to answer the question about port forwarding, it depends on your firewall. If you have a half decent firewall, you should be able to specify rules for a range of ip addresses. So in the case of VNC, you would need to allow traffic for ports (5900 for connections and port 5800 for download requests) to go only to the 192.168.1. 2 -192.168.1.11 or whatever the range of 10 machines is. For more about VNC ports go to https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
 

Author Comment

by:Starquest321
ID: 40370042
Let me be clear:

I am trying to to connect to the computers for remote support while you are outside the network.

Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
0
 
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 100 total points
ID: 40370555
Hi,

What type of firewall do you have, it is better if you use VPN, and in this case you nott need to open ports on firewall
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Starquest321
ID: 40370856
I have a Cisco:: Linksys RVS4000 Regarding the VPN . . .good idea.
But just so I get further clarity on VNC:

If I have 10 computers behind a firewall. For VNC to work I need to do 10 port forwards for the indivdual IPS?
0
 
LVL 2

Assisted Solution

by:techaway
techaway earned 300 total points
ID: 40371832
Starquest321, sorry to sound like a broken record but give Meraki (https://account.meraki.com/login/new_account) a shot. It's free. You will achieve what you are trying to get done, namely :
Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
plus you will be able to have a better view of your network. That is why I am recommending Meraki dashboard. It INCLUDES remote (VNC based) connections to the computers that you will install meraki agents on. The only configuration involved is installing Meraki agents on the 10 computers. It's so easy.

Anyway, to answer your question, in the link I sent you in my earlier response, it specifies :
Note: When connecting to VNC Server, a user must qualify the host computer’s network address with the port number in all cases except when VNC Server is listening for connections on port 5900 only.....
 Where is the VNC server in your case? Outside the network or is each of the 10 pcs an individual vnc server that you will connect to from outside? VNC connections are all server-client connections. You connect to a listening server.  
VNC Server can listen on the same port for connections and download requests. This may simplify firewall configuration and make the host computer more secure.
That is what was in my earlier link https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
 

Author Comment

by:Starquest321
ID: 40372262
Signed up for Meraki. You say its free - I am trying to understand before I go through all the trouble. Does this Meraki come with All Linksys :: Cisco devices or free for limited devices or what? I can't find their pricing but I do see "Sales"
0
 

Author Comment

by:Starquest321
ID: 40372268
License information
License status      Ok
License expiration [Help]      N/A
License limit      Current device count
Add another license
License History [Help]

No valid licenses found
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 100 total points
ID: 40373753
If you have one IP address on the WAN of your router you will need to port forward 10 different ports on the outside to your 10 VNC servers on the LAN.  So you would have to say forward 5900 to 5900 on VNC server 1, then forward 5901 to 5900 on VNC server 2, then forward 5902 to 5900 on VNC server 3, and so on.  You get what I mean?

If you have multiple IP addresses on your WAN port you could use one IP for each VNC server, so you would forward external IP 1.2.3.4 to VNC server 1, 5.6.7.8 to VNC server 2, 9.10.11.12 to VNC server 3, and so on.  Obviously you'd need 10 external IPs for that, so this is unlikely.
0
 
LVL 2

Assisted Solution

by:techaway
techaway earned 300 total points
ID: 40374109
Meraki is part of Cisco's offering of firewalls,access points and other network appliances. If you had a Meraki (hardware) firewall you would need to purchase a license for it. This is not currently required for you to do what your main question was. If you want to do even more with than you can at the moment with your dashboard, you would need to get a Meraki firewall or access point etc. I currently use it comfortably in both networks that have Meraki network appliances and those that do not have any Meraki network devices.
0
 

Author Comment

by:Starquest321
ID: 40374538
So Meraki is like Teamviewer? Just install agents and remote desktop into the machines?
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question