How do I allow VNC from one subnet to another?

  • LAYER 8 Global Moderator

    Sorry I have been supporting 100's if not 1000's of customers over the years.. NOBODY still uses RRAS but the smallest of smallest SMBs -- sorry nobody uses it in real networking ;)

    All of those services for sure can run on your Windows box.. Just that there is ZERO use for it to be doing RRAS..

  • I know you are as superior in this as I probably am to you (and to Google Translate!) in English to Norwegian translations (which is my job). 😂 But this small SMB still uses it. Of course there's a lot of the old "since I have been using this with almost no problems for 20 years, there's no need to start learning something completely different". Also I have been running M0n0wall before pfSense since forever, so I have never been hacked either.

    This stuff is the first real problem I've had for as long as I can remember, so it has been very low maintenance for me. So I figure it's worth seeing if I can find out anything on the server forum. If not I can probably live with using VNC indirectly.

  • LAYER 8 Global Moderator

    @mastiff said in How do I allow VNC from one subnet to another?:

    If not I can probably live with using VNC indirectly.

    That is just moronic to be honest.. Fix your ASYMMETRICAL routing... Why is this server even multi homed?

  • As I said before in another thread, where I managed to get the then problem fixed (slow to stopping file transfers), to isolate Airplay and automation devices completely from the 0 network while keeping them directly connected to the server for 100% stable access no matter what goes down, as long as it isn't the server itself (which honestly doesn't happen with Windows Servers without a serious hardware problem since Windows Server 2003 R2 in 2005). And the Airplay devices can't be isolated from the client network if I use the addon to send Airplay from the 192.168.1.x segment to the 10.x segment. As for moronic, probably. But as long as it doesn't give me practical problems, I'm good with it. Just like my Honda Blackbird still does 200+ mph and 0-60 in less than 2.5 seconds even if there are a few scratches on it.

  • LAYER 8 Global Moderator

    So you're multihoming in case your ROUTER goes down pfsense?? So your issue is 110% self-inflicted nonsense then... If you're that worried about router going down.

    I take it all your switches that connect everything are dual with multiple power supplies and every client has 2 connections?

    If you're worried about your router/firewall going down then run it HA...

  • As I said that's half of it, the other half is the Airplay thing. Probably more than half, 2/3 isolation and 1/3 safeguard.

    The PI clients have both wifi and wired connection, yes. And no, it isn't just the router, there are some dumb switches that do not have a UPS setup (my server and main setup has a dual car battery setup for 8 hour UPS) that connect the Pis to the main technical room. And they are spread out because this house has some brick walls that block 433 MHz signals.

  • LAYER 8 Global Moderator

    You bring up security and then you multihome a server - which bypasses all firewalls and is a HUGE SECURITY issue!!!

  • Oh, not at all! The 10.x segment I'm multihoming is coming directly FROM the pfSense firewall, and it's blocked for the Internet except for one port, SMTP (sending warning mails if something stalls). The only possible vector is the wifi, and that has a very long passphrase in Norwegian that isn't possible to do with brute force for a few million years. So yeah, there is the WPA-2 vulnerability, but they would have to be very close to the house to access, and my mastiff would probably start barking then.
