Remmina local client won't connect to remote vnc server
-
Hello, I'm a bit confused to all the ports on the pfSense router.
Here are the ports I set on my router.
If: WAN
Proto: TCP/UDP (should only need TCP for RDP)
Src. addr: *
Src. ports: *
Dest. addr: LAN address
Dest. ports: 3389 (MS RDP)
NAT IP: 192.168.1.110
NAT Ports: 5900 (VNC)Remmina on the local client has settings:
Protocol: RDP - Remote Desktop Protocol
Server: publicWANIP:5900
Username: remote server's username
Password: remote server's passwordI am confused with the source and destination. I think I need a diagram to show the ports on the WAN and LAN, which can become tricky between the wall WAN port and the router ports.
-
Looks good to me.
You want to connect from the outside (any where on the net) using any port
to
the IP of your psEnse WAN, using port 3389 (MS RDP).
This connection will be natted to the device /PC on LAN, port number 5900 (VNC).Building a NAT rule like that (pretty straight forward) will, by default, generate the corresponding firewall rule.
-
Well, I thought maybe the local client cannot access the remote host, due to TeamViewer running a remote connection.
So, I closed TeamViewer, then Quit TeamViewer, however the same Remmina error:
Remmina connection WANIP:3380. Error: Unable to connect to RDP server WANIP:3389 (comes up instantly)
Remmina connection WANIP:5900. Error: Unable to connect to RDP server WANIP:3389 (comes up after a few minutes)I also tried:
The LAN local connection works.
The WAN remote connection doesn't work, as per below.Well, I thought maybe the local client cannot access the remote host, due to TeamViewer running a remote connection.
So, I closed TeamViewer, then Quit TeamViewer, however the same Remmina error:
Remmina connection WANIP:3389. Error: Unable to connect to RDP server WANIP:3389 (comes up instantly)
Remmina connection WANIP:5900. Error: Unable to connect to RDP server WANIP:3389 (comes up after a few minutes)Okay,
Local client Remmina:
Protocol: VNC - Virtual Network Computing
Server: public WAN IP
User name: blank
Password: blank
Connect:Remote host Remmina:
Protocol: VNC - Incoming Connection
Listen on Port: 1
User name: blank
Password: blank
Connect: read (9: Bad read descriptor)vino-preferences: I unticked 'Automatically configure UPnP router to open and forward ports
I think tightvncserver may be running in Terminal, which shows output:
$ tightvncserver New 'X' desktop is userName:1 Starting applications specified in /home/userName/.vnc/xstartup Log file is /home/userName/.vnc/userName:1.log
-
You don't need inbound NAT rules to allow whatever to connect to a remote server.
If you are trying to allow a remote client to connect to your VNC server, you need to change the destination address to WAN address, not LAN and change the port's to match. If you need both RDP and VNC port's NAT'd make two rules with 3389 -> 3389 and 5900 -> 5900.
-
Well, that helped with accessing 1 computer.
However, I cannot connect to the 2nd computer?
Do I have to change the port from 5900 to 5901 for the 2nd computer? -
Hint: Get IPv6 working. This way, you won't need to mess with zillions of ports.
-
Sounds good. I'll need help as I've never set up IPv6 before.
I'm currently working on FTP access. Maybe someone could help with this with this new IPv6 thingy? -
Okay, I had access via 5900 for a few weeks, however now I can no longer access ports 5900 and 5902 from outside the public WAN.
A ping test to the public WAN (which is used to access the vnc server says: 13 packets sent, 100% loss.
Here are the current settings in the pfSense router:
If: WAN
Proto: TCP
Src. addr: *
Src. ports: *
Dest. addr: WAN address
Dest. ports: 5900 (VNC)
NAT IP: 192.168.1.110
NAT Ports: 5900 (VNC)Remmina on the local client has settings:
Protocol: VNC - Incoming ConnectionI installed the nmap package on pfSense and scanned the VNC server IP 192.168.1.110:
Running: /usr/local/bin/nmap -sS '192.168.1.110' Starting Nmap 6.47 ( http://nmap.org ) at 2015-10-22 18:10 Nmap scan report for 192.168.1.110 Host is up (0.00011s latency). Not shown: 998 closed ports PORT STATE SERVICE 139/tcp open netbios-ssn 445/tcp open microsoft-ds MAC Address: xx:xx:xx:xx:xx:xx Nmap done: 1 IP address (1 host up) scanned in 3.55 seconds
On the VNC server I ran a check for ports:
$ netstat -an| grep LISTEN tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:5939 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN tcp6 0 0 :::139 :::* LISTEN tcp6 0 0 ::1:631 :::* LISTEN tcp6 0 0 :::445 :::* LISTEN unix 2 [ ACC ] STREAM LISTENING 13793 @/tmp/.ICE-unix/1756 unix 2 [ ACC ] STREAM LISTENING 13299 /tmp/.X11-unix/X0 unix 2 [ ACC ] STREAM LISTENING 11761 @/tmp/dbus-3SWEl6nEWV unix 2 [ ACC ] STREAM LISTENING 13742 /tmp/ssh-sCsM4CtFJXXD/agent.1756 unix 2 [ ACC ] STREAM LISTENING 13794 /tmp/.ICE-unix/1756 unix 2 [ ACC ] STREAM LISTENING 4339193 socket unix 2 [ ACC ] STREAM LISTENING 4434331 @/dbus-vfs-daemon/socket-WHSe9pJh unix 2 [ ACC ] STREAM LISTENING 13601 /run/user/1000/keyring-Qt4qES/control unix 2 [ ACC ] STREAM LISTENING 13298 @/tmp/.X11-unix/X0 unix 2 [ ACC ] STREAM LISTENING 4435395 @/dbus-vfs-daemon/socket-zn9XHULl unix 2 [ ACC ] STREAM LISTENING 59185 /var/run/cups/cups.sock unix 2 [ ACC ] STREAM LISTENING 20084 @/dbus-vfs-daemon/socket-jyfxNG4K unix 2 [ ACC ] STREAM LISTENING 3497359 @/dbus-vfs-daemon/socket-FowUdH6c unix 2 [ ACC ] STREAM LISTENING 19875 @/dbus-vfs-daemon/socket-UU1KLUYI unix 2 [ ACC ] STREAM LISTENING 13755 @/tmp/dbus-GoVnB738xE unix 2 [ ACC ] STREAM LISTENING 10844 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 9672 @/com/ubuntu/upstart unix 2 [ ACC ] STREAM LISTENING 10088 /var/run/sdp unix 2 [ ACC ] STREAM LISTENING 12652 /var/run/acpid.socket unix 2 [ ACC ] STREAM LISTENING 11388 /var/run/samba/nmbd/unexpected unix 2 [ ACC ] SEQPACKET LISTENING 1935 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 19605 @/tmp/dbus-96mDEiIXYs unix 2 [ ACC ] STREAM LISTENING 20085 @/dbus-vfs-daemon/socket-xUgXu05f unix 2 [ ACC ] STREAM LISTENING 10175 /var/run/avahi-daemon/socket unix 2 [ ACC ] STREAM LISTENING 3774006 @/dbus-vfs-daemon/socket-tfPuYBAd unix 2 [ ACC ] STREAM LISTENING 14279 /run/user/1000/pulse/native unix 2 [ ACC ] STREAM LISTENING 24750 /tmp/.com.google.Chrome.sB9dVB/SingletonSocket unix 2 [ ACC ] STREAM LISTENING 13796 /run/user/1000/keyring-Qt4qES/ssh unix 2 [ ACC ] STREAM LISTENING 13798 /run/user/1000/keyring-Qt4qES/gpg unix 2 [ ACC ] STREAM LISTENING 13801 /run/user/1000/keyring-Qt4qES/pkcs11 unix 2 [ ACC ] STREAM LISTENING 11497 /var/run/gdm_socket unix 2 [ ACC ] STREAM LISTENING 3477971 @/tmp/dbus-rSkDIWWoq1
Any help to make this work again please?
-
Fixed.
The server was faulty.
Installed a different server and works.