Remmina local client won't connect to remote vnc server



  • Hello, I'm a bit confused by all the ports on the pfSense router.

    Here are the ports I set on my router.

    If: WAN
    Proto: TCP/UDP (should only need TCP for RDP)
    Src. addr: *
    Src. ports: *
    Dest. addr: LAN address
    Dest. ports: 3389 (MS RDP)
    NAT IP: 192.168.1.110
    NAT Ports: 5900 (VNC)

    Remmina on the local client has settings:
    Protocol: RDP - Remote Desktop Protocol
    Server: publicWANIP:5900
    Username: remote server's username
    Password: remote server's password

    I am confused with the source and destination. I think I need a diagram to show the ports on the WAN and LAN, which can become tricky between the wall WAN port and the router ports.



  • Looks good to me.

    You want to connect from the outside (anywhere on the net) using any port to the IP of your pfSense WAN, using port 3389 (MS RDP).
    This connection will be NATted to the device/PC on LAN, port number 5900 (VNC).

    Building a NAT rule like that (pretty straightforward) will, by default, generate the corresponding firewall rule.



  • Well, I thought maybe the local client cannot access the remote host, due to TeamViewer running a remote connection.
    So, I closed TeamViewer, then Quit TeamViewer, however the same Remmina error:
    Remmina connection WANIP:3380. Error: Unable to connect to RDP server WANIP:3389 (comes up instantly)
    Remmina connection WANIP:5900. Error: Unable to connect to RDP server WANIP:3389 (comes up after a few minutes)

    I also tried:
    The LAN local connection works.
    The WAN remote connection doesn't work, as per below.

    Well, I thought maybe the local client cannot access the remote host, due to TeamViewer running a remote connection.
    So, I closed TeamViewer, then Quit TeamViewer, however the same Remmina error:
    Remmina connection WANIP:3389. Error: Unable to connect to RDP server WANIP:3389 (comes up instantly)
    Remmina connection WANIP:5900. Error: Unable to connect to RDP server WANIP:3389 (comes up after a few minutes)

    Okay,
    Local client Remmina:
    Protocol: VNC - Virtual Network Computing
    Server: public WAN IP
    User name: blank
    Password: blank
    Connect:

    Remote host Remmina:
    Protocol: VNC - Incoming Connection
    Listen on Port: 1
    User name: blank
    Password: blank
    Connect: read (9: Bad read descriptor)

    vino-preferences: I unticked 'Automatically configure UPnP router to open and forward ports'

    I think tightvncserver may be running in Terminal, which shows output:

    $ tightvncserver
    
    New 'X' desktop is userName:1
    
    Starting applications specified in /home/userName/.vnc/xstartup
    Log file is /home/userName/.vnc/userName:1.log
    
    


  • You don't need inbound NAT rules to allow whatever to connect to a remote server.

    If you are trying to allow a remote client to connect to your VNC server, you need to change the destination address to WAN address, not LAN, and change the ports to match. If you need both RDP and VNC ports NAT'd, make two rules with 3389 -> 3389 and 5900 -> 5900.



  • Well, that helped with accessing 1 computer.
    However, I cannot connect to the 2nd computer?
    Do I have to change the port from 5900 to 5901 for the 2nd computer?


  • Hint: Get IPv6 working. This way, you won't need to mess with zillions of ports.



  • Sounds good. I'll need help as I've never set up IPv6 before.
    I'm currently working on FTP access. Maybe someone could help with this with this new IPv6 thingy?



  • Okay, I had access via 5900 for a few weeks, however now I can no longer access ports 5900 and 5902 from outside the public WAN.

    A ping test to the public WAN (which is used to access the VNC server) says: 13 packets sent, 100% loss.

    Here are the current settings in the pfSense router:

    If: WAN
    Proto: TCP
    Src. addr: *
    Src. ports: *
    Dest. addr: WAN address
    Dest. ports: 5900 (VNC)
    NAT IP: 192.168.1.110
    NAT Ports: 5900 (VNC)

    Remmina on the local client has settings:
    Protocol: VNC - Incoming Connection

    I installed the nmap package on pfSense and scanned the VNC server IP 192.168.1.110:

    Running: /usr/local/bin/nmap  -sS '192.168.1.110'
    
    Starting Nmap 6.47 ( http://nmap.org ) at 2015-10-22 18:10
    Nmap scan report for 192.168.1.110
    Host is up (0.00011s latency).
    Not shown: 998 closed ports
    PORT    STATE SERVICE
    139/tcp open  netbios-ssn
    445/tcp open  microsoft-ds
    MAC Address: xx:xx:xx:xx:xx:xx
    
    Nmap done: 1 IP address (1 host up) scanned in 3.55 seconds
    

    On the VNC server I ran a check for ports:

    $ netstat -an| grep LISTEN
    tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:5939          0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN     
    tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN     
    tcp6       0      0 :::139                  :::*                    LISTEN     
    tcp6       0      0 ::1:631                 :::*                    LISTEN     
    tcp6       0      0 :::445                  :::*                    LISTEN     
    unix  2      [ ACC ]     STREAM     LISTENING     13793    @/tmp/.ICE-unix/1756
    unix  2      [ ACC ]     STREAM     LISTENING     13299    /tmp/.X11-unix/X0
    unix  2      [ ACC ]     STREAM     LISTENING     11761    @/tmp/dbus-3SWEl6nEWV
    unix  2      [ ACC ]     STREAM     LISTENING     13742    /tmp/ssh-sCsM4CtFJXXD/agent.1756
    unix  2      [ ACC ]     STREAM     LISTENING     13794    /tmp/.ICE-unix/1756
    unix  2      [ ACC ]     STREAM     LISTENING     4339193  socket
    unix  2      [ ACC ]     STREAM     LISTENING     4434331  @/dbus-vfs-daemon/socket-WHSe9pJh
    unix  2      [ ACC ]     STREAM     LISTENING     13601    /run/user/1000/keyring-Qt4qES/control
    unix  2      [ ACC ]     STREAM     LISTENING     13298    @/tmp/.X11-unix/X0
    unix  2      [ ACC ]     STREAM     LISTENING     4435395  @/dbus-vfs-daemon/socket-zn9XHULl
    unix  2      [ ACC ]     STREAM     LISTENING     59185    /var/run/cups/cups.sock
    unix  2      [ ACC ]     STREAM     LISTENING     20084    @/dbus-vfs-daemon/socket-jyfxNG4K
    unix  2      [ ACC ]     STREAM     LISTENING     3497359  @/dbus-vfs-daemon/socket-FowUdH6c
    unix  2      [ ACC ]     STREAM     LISTENING     19875    @/dbus-vfs-daemon/socket-UU1KLUYI
    unix  2      [ ACC ]     STREAM     LISTENING     13755    @/tmp/dbus-GoVnB738xE
    unix  2      [ ACC ]     STREAM     LISTENING     10844    /var/run/dbus/system_bus_socket
    unix  2      [ ACC ]     STREAM     LISTENING     9672     @/com/ubuntu/upstart
    unix  2      [ ACC ]     STREAM     LISTENING     10088    /var/run/sdp
    unix  2      [ ACC ]     STREAM     LISTENING     12652    /var/run/acpid.socket
    unix  2      [ ACC ]     STREAM     LISTENING     11388    /var/run/samba/nmbd/unexpected
    unix  2      [ ACC ]     SEQPACKET  LISTENING     1935     /run/udev/control
    unix  2      [ ACC ]     STREAM     LISTENING     19605    @/tmp/dbus-96mDEiIXYs
    unix  2      [ ACC ]     STREAM     LISTENING     20085    @/dbus-vfs-daemon/socket-xUgXu05f
    unix  2      [ ACC ]     STREAM     LISTENING     10175    /var/run/avahi-daemon/socket
    unix  2      [ ACC ]     STREAM     LISTENING     3774006  @/dbus-vfs-daemon/socket-tfPuYBAd
    unix  2      [ ACC ]     STREAM     LISTENING     14279    /run/user/1000/pulse/native
    unix  2      [ ACC ]     STREAM     LISTENING     24750    /tmp/.com.google.Chrome.sB9dVB/SingletonSocket
    unix  2      [ ACC ]     STREAM     LISTENING     13796    /run/user/1000/keyring-Qt4qES/ssh
    unix  2      [ ACC ]     STREAM     LISTENING     13798    /run/user/1000/keyring-Qt4qES/gpg
    unix  2      [ ACC ]     STREAM     LISTENING     13801    /run/user/1000/keyring-Qt4qES/pkcs11
    unix  2      [ ACC ]     STREAM     LISTENING     11497    /var/run/gdm_socket
    unix  2      [ ACC ]     STREAM     LISTENING     3477971  @/tmp/dbus-rSkDIWWoq1
    
    

    Any help to make this work again please?
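
A port forward only delivers traffic if something on the NAT IP is listening on the NAT port on a non-loopback address, which is what the nmap and netstat output in the post above lets you check. As an added example (not part of the original thread), this script classifies a port from `netstat -an | grep LISTEN` output; the function names are hypothetical and the sample lines are the TCP lines quoted in that post.

```shell
#!/bin/sh
# Added example. Classifies how a TCP port appears in `netstat -an | grep LISTEN`
# output read from stdin. Prints: reachable | loopback-only | absent
listener_state() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address.
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "::1" || host ~ /^127\./) lo = 1
            else ext = 1
        }
        END {
            if (ext) print "reachable"
            else if (lo) print "loopback-only"
            else print "absent"
        }'
}

# Sample input: the TCP lines of the netstat output quoted in the post above.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5939          0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp6       0      0 :::139                  :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
tcp6       0      0 :::445                  :::*                    LISTEN
EOF
}

# Report on the NAT port from the port-forward rule (5900), plus two others for contrast.
for p in 5900 5939 445; do
    printf '%s/tcp: %s\n' "$p" "$(sample_netstat | listener_state "$p")"
done
```

On the server itself, feed it live output instead of the sample: `netstat -an | grep LISTEN | listener_state 5900`.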



  • Fixed.
    The server was faulty.
    Installed a different server and works.

