I have a bunch of boxes running VNC servers behind one masqueraded IP. I want to make it so that port 5905 will route to a specific internal IP at port 5900. Is that possible?
Rule Type: DNAT/SNAT
Source : Any
Destination : Any
Service : LaptopVNC
Change Source to : :: No change ::
Change Destination to - Address : Laptop
Service Destination : LaptopVNC(5900)
Laptop is defined as : Laptop 192.168.2.200 255.255.255.255
LaptopVNC is defined as : LaptopVNC tcp 5905 5900
I can't connect from the remote computer to myip:5905
Looks like VNC is also using the UDP protocol, which means you have to modify your services.
Can you be a little more specific? Where are the VNC machines located? External or internal? If they are externally located, do they connect from the same port as you're listening on?
Example:
IP external port 5000 will connect to IP external-nic 5000. That should work.
IP external port 5000 will connect to IP external-nic 5009. That won't work, because the firewall will block port 5000.
I had that problem with my eMule config and solved it with DNAT like this: IP external port 1024-65536 connecting to IP external-nic port 1024-65536 route to EMULE-Machine port 6350-6349 (OK, there are also two other services running).
Thanks for your reply. I just got back in town and I'm back at it again. I tried to update it to take TCP/UDP. Here's what the livelog says :
00:52:03 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
00:52:06 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
00:52:12 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
The VNC machines are local behind the firewall and I want to be able to connect to them from outside the firewall. They all receive connections on 5900, so I want to mask 5905 to one, 5906 to another, etc.
I'm not quite sure I understand your post with regards to emule, but I'm going to keep experimenting and trying to figure it out.
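An added example, not part of the thread: a small Python model of how a DNAT rule matches on a service definition, run over the live log lines posted above. It assumes the two numbers in a service definition are source port and destination port, which the thread does not confirm; the names Service, Dnat, translate and results are hypothetical.

```python
import re
from dataclasses import dataclass

# Live log lines copied from the thread.
LIVELOG = """\
00:52:03 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
00:52:06 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
00:52:12 24.175.27.28 1075 -> 24.175.29.165 5905 TCP SYN
"""

LINE = re.compile(r"(\S+) (\S+) (\d+) -> (\S+) (\d+) (\w+) (\w+)")

@dataclass(frozen=True)
class Service:
    """Assumed reading of a service definition: protocol, source ports, destination port."""
    proto: str
    sport: range
    dport: int

@dataclass(frozen=True)
class Dnat:
    service: Service
    to_addr: str
    to_port: int

def parse(log):
    """Yield (src_ip, src_port, dst_ip, dst_port, proto) for each log line."""
    for m in LINE.finditer(log):
        _, sip, sp, dip, dp, proto, _ = m.groups()
        yield sip, int(sp), dip, int(dp), proto.lower()

def translate(rule, pkt):
    """Return the rewritten (addr, port) if the packet matches the rule, else None."""
    _, sp, _, dp, proto = pkt
    svc = rule.service
    if proto == svc.proto and sp in svc.sport and dp == svc.dport:
        return rule.to_addr, rule.to_port
    return None

LAPTOP = "192.168.2.200"
# As posted: "LaptopVNC tcp 5905 5900", read as source port 5905, destination 5900.
as_posted = Dnat(Service("tcp", range(5905, 5906), 5900), LAPTOP, 5900)
# Alternative: any unprivileged client port, destination 5905 on the external address.
by_dport = Dnat(Service("tcp", range(1024, 65536), 5905), LAPTOP, 5900)

def results(rule):
    return [translate(rule, p) for p in parse(LIVELOG)]

if __name__ == "__main__":
    print("as posted:", results(as_posted), "| by dport:", results(by_dport))
```

Under that assumption the posted definition never matches the logged SYNs (source port 1075, destination 5905), while a definition keyed on destination port 5905 rewrites them to 192.168.2.200:5900.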