VNC Multiple Computers behind firewall

I have a multiple computers behind a firewall each with VNC. I need to understand : If I have 10 computers using VNC...do I need 10 port forwards? Is there some solution like team viewer has?
Starquest321Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

techawayManaged IT Service ProviderCommented:
For you to get better answers, it is good to include some more info about what you wish to achieve with the 10 PCs inside the firewalled zone. How is your VNC setup going to be? Each of these 10 computers are VNC servers or clients with a listening server outside the network? Are you trying to connect to the computers for remote support while you are outside the network?  

I can't see why you would go through all this instead of just using Cisco's Meraki dashboard though. It gives you more tools to play with and you can manage and remote support. The remote connection feature is pretty much VNC based. Details, go to meraki.com

Anyway, to answer the question about port forwarding, it depends on your firewall. If you have a half decent firewall, you should be able to specify rules for a range of ip addresses. So in the case of VNC, you would need to allow traffic for ports (5900 for connections and port 5800 for download requests) to go only to the 192.168.1. 2 -192.168.1.11 or whatever the range of 10 machines is. For more about VNC ports go to https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
Starquest321Author Commented:
Let me be clear:

I am trying to to connect to the computers for remote support while you are outside the network.

Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
0
Istvan KalmarHead of IT Security Division Commented:
Hi,

What type of firewall do you have, it is better if you use VPN, and in this case you nott need to open ports on firewall
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Starquest321Author Commented:
I have a Cisco:: Linksys RVS4000 Regarding the VPN . . .good idea.
But just so I get further clarity on VNC:

If I have 10 computers behind a firewall. For VNC to work I need to do 10 port forwards for the indivdual IPS?
0
techawayManaged IT Service ProviderCommented:
Starquest321, sorry to sound like a broken record but give Meraki (https://account.meraki.com/login/new_account) a shot. It's free. You will achieve what you are trying to get done, namely :
Team viewer solved this problem for me without need 10 ports to forward to 10 machines. So I am trying to do the same.
plus you will be able to have a better view of your network. That is why I am recommending Meraki dashboard. It INCLUDES remote (VNC based) connections to the computers that you will install meraki agents on. The only configuration involved is installing Meraki agents on the 10 computers. It's so easy.

Anyway, to answer your question, in the link I sent you in my earlier response, it specifies :
Note: When connecting to VNC Server, a user must qualify the host computer’s network address with the port number in all cases except when VNC Server is listening for connections on port 5900 only.....
 Where is the VNC server in your case? Outside the network or is each of the 10 pcs an individual vnc server that you will connect to from outside? VNC connections are all server-client connections. You connect to a listening server.  
VNC Server can listen on the same port for connections and download requests. This may simplify firewall configuration and make the host computer more secure.
That is what was in my earlier link https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/ai1047203.html
0
Starquest321Author Commented:
Signed up for Meraki. You say its free - I am trying to understand before I go through all the trouble. Does this Meraki come with All Linksys :: Cisco devices or free for limited devices or what? I can't find their pricing but I do see "Sales"
0
Starquest321Author Commented:
License information
License status      Ok
License expiration [Help]      N/A
License limit      Current device count
Add another license
License History [Help]

No valid licenses found
0
Craig BeckCommented:
If you have one IP address on the WAN of your router you will need to port forward 10 different ports on the outside to your 10 VNC servers on the LAN.  So you would have to say forward 5900 to 5900 on VNC server 1, then forward 5901 to 5900 on VNC server 2, then forward 5902 to 5900 on VNC server 3, and so on.  You get what I mean?

If you have multiple IP addresses on your WAN port you could use one IP for each VNC server, so you would forward external IP 1.2.3.4 to VNC server 1, 5.6.7.8 to VNC server 2, 9.10.11.12 to VNC server 3, and so on.  Obviously you'd need 10 external IPs for that, so this is unlikely.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
techawayManaged IT Service ProviderCommented:
Meraki is part of Cisco's offering of firewalls,access points and other network appliances. If you had a Meraki (hardware) firewall you would need to purchase a license for it. This is not currently required for you to do what your main question was. If you want to do even more with than you can at the moment with your dashboard, you would need to get a Meraki firewall or access point etc. I currently use it comfortably in both networks that have Meraki network appliances and those that do not have any Meraki network devices.
0
Starquest321Author Commented:
So Meraki is like Teamviewer? Just install agents and remote desktop into the machines?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.