DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 10th September 2008
revzalot's Avatar
revzalot revzalot is offline
Shell Scout
 
Join Date: May 2008
Posts: 123
Thanked 1 Time in 1 Post
Default VNC port forwarding help

I've already have ssh opened at my firewall. I even port forwarded it to my workstation where I open vncviewer but I still cannot setup an ssh tunnel. What am i doing wrong with my pf firewall?



ssh -L 5900:192.168.1.212:5900 -p 38901 revzalot@69.59.169.251
Reply With Quote
  #2   (View Single Post)  
Old 10th September 2008
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Thanked 40 Times in 39 Posts
Default

Assuming that 192.168.1.121 is the address of the machine running the VNC server, and that server is listening on port 5900, you should be able to connect to it by pointing your VNC client at localhost:5900

If not, then tell us what you are trying, what it outputs, and what messages end up in the log files (both remote and local), and we should be able to work out what is happening.

edit: make sure that you have no restrictions on localhost in your local firewall, and nothing blocking packets between ....169.251 and ....1.212. Put temporary pass all quick from ... to ... rules in to be sure.
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.

Last edited by robbak; 10th September 2008 at 05:47 AM.
Reply With Quote
  #3   (View Single Post)  
Old 10th September 2008
revzalot's Avatar
revzalot revzalot is offline
Shell Scout
 
Join Date: May 2008
Posts: 123
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by robbak View Post
Assuming that 192.168.1.121 is the address of the machine running the VNC server, and that server is listening on port 5900, you should be able to connect to it by pointing your VNC client at localhost:5900

If not, then tell us what you are trying, what it outputs, and what messages end up in the log files (both remote and local), and we should be able to work out what is happening.

edit: make sure that you have no restrictions on localhost in your local firewall, and nothing blocking packets between ....169.251 and ....1.212. Put temporary pass all quick from ... to ... rules in to be sure.
I turned off my localhost firewall and pf is forwarding port 22 to my vnc client.

I used:
$ vncviewer localhost:4
since my vncserver is setup for display 4 but I get a cannot connect error.
I setup my vnc client to listen on port 5900
Reply With Quote
  #4   (View Single Post)  
Old 10th September 2008
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Thanked 40 Times in 39 Posts
Default

OK. If you are getting an ssh login, then you do not need to worry about any firewalls.

I take it that the firewall is forwarding port 38901 to the ssh server's (and vnc server's) address, port 22? Just make sure that you are making an ssh connection to the right machine!

Make sure that vncviewer is trying to connect to port 5900.

You would be better off using localhost in the ssh command, like this:
$ ssh -L 5900:localhost:5900 -p[thatnumber] user@host
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD, vpnc and packets forwarding problems Tritone OpenBSD General 3 2nd July 2009 09:59 PM
SSH on port 443 maxrussell General software and network 4 6th April 2009 05:16 AM
x11 forwarding over ssh not working kasse OpenBSD General 14 23rd December 2008 02:21 PM
port forwarding ikevmowe OpenBSD Security 13 21st November 2008 06:03 PM
vlc port failing maxrussell FreeBSD Ports and Packages 11 27th May 2008 04:38 PM


All times are GMT. The time now is 08:04 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick