This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VNC Firewall and NAT rules?

Hi,

I'm trying to connect to my Mac with RealVNC on port 5900 (VNC)
But the connection always times out.

I tried so many settings, but i just deleted them all because it was still not working. [:S]

Can anyone tell me which settings i need to get VNC to work?
I tried to find it on this forum, but that's not working.

I want to be able to connect to my Mac (RealVNC) from outside my network, but also from the internal network. I'm testing from inside my network now.

I got a new installation with Sophos UTM 9

eth0
Internal
Ethernet

eth1
External (WAN)
Cable Modem

I also got double NAT, my cable modem is a router. And i cant switch it off. (Cable company settings) But i forwarded all ports and DZM on my modem is set to the external IP from the Astaro. These settings should be ok.

Can anyone help me with this?

Thanks :-)

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago
Some thoughts in addition to Barry's directions:
NEVER bind a definition to an interface. ALWAYS leave 'Interface: >'.
In a NAT rule, it's a good habit to leave unchanged items empty ('Destination service' in this case).
If you are trying to access via an FQDN, you may have a DNS issue; see Accessing Internal or DMZ Webserver from Internal Network.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago
Some thoughts in addition to Barry's directions:
NEVER bind a definition to an interface. ALWAYS leave 'Interface: >'.
In a NAT rule, it's a good habit to leave unchanged items empty ('Destination service' in this case).
If you are trying to access via an FQDN, you may have a DNS issue; see Accessing Internal or DMZ Webserver from Internal Network.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Fred. over 13 years ago in reply to BAlfson
"External (WAN) (Network) --> Internal"

No, do NOT masquerade Ext-Int!

Barry

Ok, i deleted that rule. I think i made it to try something...

"I also tried from the internal network to the internal ip from my Mac, also time out."

The firewall isn't involved in LAN traffic.
Something else is wrong.
Maybe the Mac has a host firewall running?

Barry

I found the problem, VNC was not accepting connections anymore, i restarted the vnc service and it was working again. [:)]
Problem solved [[:D]]

Some thoughts in addition to Barry's directions:
NEVER bind a definition to an interface. ALWAYS leave 'Interface: >'.
In a NAT rule, it's a good habit to leave unchanged items empty ('Destination service' in this case).
If you are trying to access via an FQDN, you may have a DNS issue; see Accessing Internal or DMZ Webserver from Internal Network.

Cheers - Bob

I also removed the definition on the interface in that rule.

Everything is working now :-)
Thanks guys [H] [[:D]]
Cancel
Vote Up 0 Vote Down

Cancel