Dima Iva


Problem with VNC over SSH connection

I have an Ubuntu 20.04 server at work to which I want to connect from home. At home, on my Windows 11 PC, I open a VPN connection to work. From that moment on, I have two scenarios (one works and one doesn't):


1. On my PC, I open a Remote Desktop Connection to a server that sits on a (XXX.XXX.5.XXX) subnet and from there, I use PuTTY to SSH on port 22 to Ubuntu, which is at XXX.XXX.20.XXX, and get command line access. I can then use TightVNC Client to open a session to localhost::5901 and work in a graphic desktop environment. Everything is great.


2. On my PC, w/o using RDC, I use PuTTY to SSH on port 22 to Ubuntu and get command line access. Then, when I try to use TightVNC or other VNC clients, I get "connection gracefully closed" or "the connection was dropped by the server before the session could be established".


In the 2nd scenario, after establishing a VPN connection to work, I end up in a segment that is dedicated to remote access and it looks like VNC from one work subnet to another (after connecting through VPN and then SSH) works, but from home (after connecting through VPN and then SSH) does not.  I wonder whether the firewall at work needs a rule for port 5901 from this VPN subnet or whether it would travel masked by port 22, so no additional rule is needed?  There is clearly something I am missing.

ASKER CERTIFIED SOLUTION
mccarl
Kimputer

If you successfully connect to SSH, you have full control over the server. However, in firewalled situations, you DO NEED to point the SSH client to the correct port:



User generated image

In this example, I SSH into server x.x.x.1. But I need to connect to the RDP server in that same section. Since SSH is NOT VPN, I have to tell the SSH server that I want to connect to x.x.x.2.

The command above shows that after you connect to the SSH server, you can connect to:


localhost:33890


and you are in fact RDP-ing into x.x.x.2


Why 33890? Because localhost:3389 would connect to yourself and cause a loop. So you tell it that localhost on port 33890 should use the SSH tunnel to reach x.x.x.2 on port 3389.

Set up VNC accordingly. ONLY use a different port if you have the same port open on your own PC. If nothing is on that port, you can use the same port number.
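Added example, not part of the original answer or thread: a Python helper that applies the port-choice rule described above (reuse the remote port number locally when it is free, otherwise the 3389 -> 33890 style) and produces the matching OpenSSH command and PuTTY Tunnels fields. The host name and user are placeholders and the function names are hypothetical; the listener is pinned to 127.0.0.1, and the forwarded traffic travels inside the existing port 22 session.

```python
import socket

def local_port_is_free(port, host="127.0.0.1"):
    """True if nothing on this machine already holds host:port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((host, port))
            return True
        except OSError:
            return False

def choose_local_port(remote_port, is_free=local_port_is_free):
    """Same number as the remote port when free; otherwise append a zero
    (3389 -> 33890, as in the answer), then try the next few ports."""
    candidates = [remote_port, remote_port * 10]
    candidates += range(remote_port + 1, remote_port + 50)
    for port in candidates:
        # Skip privileged and out-of-range ports.
        if 1024 <= port <= 65535 and is_free(port):
            return port
    raise RuntimeError("no free local port found")

def build_forward(ssh_host, target_host, target_port, user=None,
                  is_free=local_port_is_free):
    """target_host is resolved by the SSH server, so "localhost" means the
    server itself, not the PC running the client."""
    local_port = choose_local_port(target_port, is_free)
    # Pin the listener to loopback so other hosts cannot use the tunnel.
    spec = f"127.0.0.1:{local_port}:{target_host}:{target_port}"
    login = f"{user}@{ssh_host}" if user else ssh_host
    return {
        "local_port": local_port,  # point the VNC/RDP client at localhost on this port
        "openssh": ["ssh", "-N", "-L", spec, login],
        # PuTTY: Connection > SSH > Tunnels, with "Local" selected
        "putty_source_port": str(local_port),
        "putty_destination": f"{target_host}:{target_port}",
    }

if __name__ == "__main__":
    # Constructed values: placeholder host and user, VNC on 5901 as in the question.
    plan = build_forward("ubuntu.example.internal", "localhost", 5901, user="user")
    print(" ".join(plan["openssh"]))
    print("PuTTY source port:", plan["putty_source_port"],
          "destination:", plan["putty_destination"])
```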




Dima Iva

ASKER

I closely compared my PuTTY setup at work and at home and made them look the same. Somehow, in my scenario, I ended up having L5901 - localhost:5901 in SSH>Tunnels and it worked.


Thank you for your suggestions.

Glad that you were able to get it working!