Sign in to follow this  
Followers 0
XxthugstylezxX

Real VNC

23 posts in this topic

Ok so im installing and configureing Real VNC for a small company. The problem im haveing is that realvnc is seeing non-routable ip for the server. So the only way i will be able to use it is on the lan. How i can make real vnc server routable via tcp/ip. The router is configured to do so. Or am i so oblivious that it will work with the external ip address?

0

Share this post


Link to post
Share on other sites

I'd assume it's the same with Real VNC, but with Tight VNC, I have a port in my router (running FreeSCO 0.3.4) to forward a port to the machine running TightVNC server. I do the same with SSH. I use oddball ports so they won't be openly noticable if/when people try to portscan me.

0

Share this post


Link to post
Share on other sites

Ok so i set up port forwarding wich is something i knew i would have to do but i coudlnt find the settings on the router until i did some digging. Now my problem is i need to test it and i dont have a external source to test from. Hehe So now that port forwarding is set up on the router i should beable to log into realvnc by useing the external address and the router will catch that and forward it to the local address that realvnc is running correct?

Edit: When doing so it prompted me for the password. I use the vnc password i set and it wont take it. It says no authentication was set for vnc do you wish to still connect to xxx.xxx.xxx.xxx ? I click yes and it goes throught that same process.

Edited by XxthugstylezxX
0

Share this post


Link to post
Share on other sites

Ok so searching through realvnc's very un-user friendly docs, i've came to the conclusion that windows is rejecting the service after i did the port forwarding. When looking at the "application event" viewing in windows it says only this for realvnc "SocketManager: unknown listener event: 0 " On the docs on realvnc's website it says that windows needs to have both fast user switching disabled and remote access disabled for those both use socket : 0. So do that and still have the same problem. Any suggestions?

0

Share this post


Link to post
Share on other sites

Try switching to port 5901, and having the port forwarded to 5901, but the user have to add that to the url (theurl.com:5901), and then you can iterate up for each machine you need via port forwarding. I recommend if possible having the users vpn into the network if you have that available and then connect to the proper local address Much more secure, becuase basic real vnc is NOT ENCRYPTED, and you will give any intruder the next best thing to local access, and sniffable passwords, If the user leaves there machine logged in then windows login is out of the equation, you may already have known this, but its just a warning, for cheap vpn try looking into hamachi (I have not tried this setup, but I would if I didn't have vpn solution on my network), or look into a gateway appliance for the company, but it is up to the client "how high do they want the wall".

0

Share this post


Link to post
Share on other sites
Ok so im installing and configureing Real VNC for a small company. The problem im haveing is that realvnc is seeing non-routable ip for the server. So the only way i will be able to use it is on the lan. How i can make real vnc server routable via tcp/ip. The router is configured to do so. Or am i so oblivious that it will work with the external ip address?

could you give an example of the ip it is showing, and the ip you'd like it to show, for instance is it showing like 192.168.x.x and you want it to show your external ip? If this is the case as long as your firewall allows the vnc port (i think its 5800, 5801, 5900, and 5901 depending on version) then you should be able to remote into which ever computer has that port forwarded it to it. For example on my home network i have serveral computers, but only one is accessable for remote managagement via the internet, so i Remote into desktop1, then i can from that computer remote into desktop2,3,latop1,2 .. via internal network ip (or hostname).

0

Share this post


Link to post
Share on other sites

Well they know to use common sense, i've told them their options as far as the security route is concerned. As they stuck with realvnc free edition, i gave them the do's and do nots. After brain storming a while on this i've concluded 1 of 2 things...

1.) Something in the router is messing up my access

2.) Might have some software curruption of some sort some where.

Alternativly

3.) It could very well be the default port that its useing.

This is kind of the senario so far:

First setup within the lan before port forwarding: It worked fine internally in the lan

Second setup with port forwarding: Set up as directed on the docs on the realvnc website, and now i cant connect internally or externally from the lan.

So the real problem started after i went through the router. First i thought it was because i was trying it from within the lan. Now i find i cant connect from outside the lan ether. Thats how i can only assume its with the router or something software related went wrong after i set up port forwarding. As the docs on realvnc says to dissable remote access and fast user switching for those use "Socket Event listening :0 " where that from my point of view is saying windows is listening on socket event array [0]. God damn you windows! I'm out of ideas as of right now except to start all over from scratch and hope it works the second time.

0

Share this post


Link to post
Share on other sites

Okay could you give an example of your networks topography so i could better grasp what your trying to do

to me it sounds like your doing

internet -> switch -> router -> local pc.

Which is kind of odd, as what is messing you up is if the router is acting as a DHCP server, you'd have to vnc to point to the router, and the router to port foward as well.. kind of messy. If you have an internal DHCP server (or more useful, static ips on all machines), then disable the dhcp on the router. I'll wait for more detail before shooting in the dark

0

Share this post


Link to post
Share on other sites

i just read your error, and it looks like vnc is saying your not listening on any ports, not on port 0.. just a guess with out looking at the network. If its a windows network i'd recomend using builtin RDP. Its generally painless to setup.

0

Share this post


Link to post
Share on other sites

internet > router > lan

Its set up like most common home networks are. Nothing special other then a cheap linksys router. The ISP supplys the DHCP and the router as far as im concerned is not acting as a DHCP. And as far as vnc goes, theres not much you can configure on the vnc side. I've looked, unless i didnt look hard enough. As far as i am concerned everything is configured correctly. I'll look into the router more next time im there and see whats up with it. There are very few things i have not tried while trouble shooting this but i'm willing to try anything right now.

So the set up is kind of like this

WAN > router > router portforward :5900 > lan where vnc server is sitting.

0

Share this post


Link to post
Share on other sites
internet > router > lan

Its set up like most common home networks are. Nothing special other then a cheap linksys router. The ISP supplys the DHCP and the router as far as im concerned is not acting as a DHCP. And as far as vnc goes, theres not much you can configure on the vnc side. I've looked, unless i didnt look hard enough. As far as i am concerned everything is configured correctly. I'll look into the router more next time im there and see whats up with it. There are very few things i have not tried while trouble shooting this but i'm willing to try anything right now.

So the set up is kind of like this

WAN > router > router portforward :5900 > lan where vnc server is sitting.

so the internal ip of your machines, each has a internet address or do they have a private address? (ie 192.168.xx.xxx, or 10.x.x.x) if its a private address, you need to port foward to one of the computers, then use that as a stage to jump to the others via vnc. so like you have computer 192.168.1.2 as your platform, then jump to any other computer from there, as you cannot really setup the linksys to forward to each computer (unless you setup it in such a way where each person gets a unique port for their computer ie (yourip):9010 = 192.168.1.3, (yourip):9011 = 192.168.1.4 ect ect)

0

Share this post


Link to post
Share on other sites

Once you have everything working internally, if you need to check that there is indeed a forward in the router, use a web-based port scanning service, such as one of the web nmap clients or something, to verify there's a hole in the wall.

Just a thought, but is the Windows firewall running? I had to disable it on my WinXP machine when I set TightVNC up (the machine *did* have fast user switching/remote access disabled).

0

Share this post


Link to post
Share on other sites
Once you have everything working internally, if you need to check that there is indeed a forward in the router, use a web-based port scanning service, such as one of the web nmap clients or something, to verify there's a hole in the wall.

Just a thought, but is the Windows firewall running? I had to disable it on my WinXP machine when I set TightVNC up (the machine *did* have fast user switching/remote access disabled).

I forgot about that, you dont have to disable the firewall, just poke a hole in it by opening up 5900 (i think thats the port your using). just add a custom rule to allow that port and you should be good to go. Best of luck, if it doesnt work post again and i'll try to help you get it working.

0

Share this post


Link to post
Share on other sites

All the computers inside the lan have private "none routable" addresses. Like i've stated the topology looks exactly like this.

internet > DSL modem > Router > Lan

The router has a hardware firewall on it which at first i configured to let VPN's pass through on a given port, and disabled blocking anonymous requests. That didnt work so i totally dissabled the firewall on the router and still did nothing. I believe i disabled the windows firewall thats usually where i would have looked first but i cant remeber. They also have norton personal firewall on there which i dissabled. Like i said also it was working fine in the lan before i messed with the router, after that it all went down hill. The router is set up to port forward RealVNC at port 5900 that is realvnc's default port. On realvnc's website it states this.

VNC doesn't seem to work properly with Windows XP

VNC will work with Windows XP provided that Fast User Switching and Remote Administration are not used. Windows XP uses the Terminal Services system to implement Fast User Switching and Remote Administration. This is not compatible with releases of VNC prior to Free Edition version 4.1 and Enterprise Edition version 4.1.3. These versions of VNC include a workaround to ensure that session zero is always available, and a more complete solution will be included in a future release.

VNC causes my Windows NT/2000/XP machine to blue screen

Windows NT Version 4 has bugs in the API which is used by VNC. You must have service pack 3 or higher installed to avoid problems.

On Windows 2000/XP there are reports that blue screens occur as a result of having Microsoft Hotfix installed, with or without VNC installed.

VNC does not install any system level hooks or driver software. Consequently it cannot cause machines to crash except by by exposing bugs in the undelying operating system and device drivers. If it appears that VNC causes your machine to crash, check that you have the latest service packs, graphics drivers and network drivers installed for your system.

My computer uses roaming profiles, and with VNC installed the profiles are sometimes not saved back to the server. It can take a very long time to log out.

Versions of VNC prior to 3.3.6 have a bug that can cause this behaviour. Additionally we have had reports that Windows 2000 machines with Hotfix Q329170 installed exhibit the same behaviour, with or without VNC installed.

So for some reason after setting up port forwarding on the router it closed out or it wont "zero" out as the doc says.

These versions of VNC include a workaround to ensure that session zero is always available,

It could be possible that i am not on the default admin account and thats why it wont allow the session to zero out but then again it was working fine internally before i messed with the router. Next time im there i will boot safe mode so i can go into the default admin account and disable and delete all unnecissary accounts. Also worst case senario i will say fuck realvnc and ask for a differnt/better VPN to use.

0

Share this post


Link to post
Share on other sites

okay from what you've said, you were able to vnc from one local computer to the other, and now you cant.

Reset your router back to the settings you had when you could vnc from one computer to the other. That will bring you back to where you were (also reset the computer vnc to default settings as well). Your router is behaving as a dhcp server, which you may want to disable, setup static ips on all the computers, than manually port forward an port to each computer, not sure which router you have, but if its a linksys, its east to just do

*.*.*.*:5991 -> 192.168.1.2:5900

*.*.*.*:5992 -> 192.168.1.3:5900

make sure in your client settings it is 5900. and that you do have port 5900 open on all machines you want to vnc into. Also, as vnc requested check that RDP is not enabled

right click my computer -> remote. i think is where its stored on win xp pro (and only pro, home does not have this).

I think your best bet is going back to square one and detriming where your problem started.

0

Share this post


Link to post
Share on other sites

Well i have not checked if the router is acting a dhcp but i only assume that it is by default, because i've never chaged that. I only have a few more things to try before i determine its best just to move onto a new vpn server/client. I'll let you guys know how it pans out.

0

Share this post


Link to post
Share on other sites

SocketManager: unknown listener event: 0

Thats the message windows Event Viewer is giveing me when looking through the logs. This is no matter if i statically give ip's out or keep the router as dhcp. I'm pretty much done with realvnc anyone got a differnt vpn server/client i can use? One that is free?

0

Share this post


Link to post
Share on other sites
SocketManager: unknown listener event: 0

Thats the message windows Event Viewer is giveing me when looking through the logs. This is no matter if i statically give ip's out or keep the router as dhcp. I'm pretty much done with realvnc anyone got a differnt vpn server/client i can use? One that is free?

Maybe the service isn't coming up properly this guy had that problem. Just gonna double check that you are not connecting to the machine from itself, right? You'd need loopback connections enabled in that case.

Other than that I'm at a loss, if you port forward TCP 5900 to the ip of a machine running VNC the connection should work. I use tightvnc and have never run into a problem. My only suggestion is try bouncing the windows service and try again with a traffic sniffer running.

--ed

0

Share this post


Link to post
Share on other sites
The description for Event ID ( 1 ) in Source ( WinVNC4 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: SocketManager, unknown listener event: 0.

Thats the new message i get now that im trying TightVNC.... Ah im so at a loss.

0

Share this post


Link to post
Share on other sites
The description for Event ID ( 1 ) in Source ( WinVNC4 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: SocketManager, unknown listener event: 0.

Hmm, brutal. Is that event on the server you are connecting to or the client you are connecting from?

Are both ends tightvnc? Is tightvnc running as a service? Can you access it from the internal network? Does it show up as running in the task manager?

Did windows defender silently remove it from the machine? It removed utorrent from my home box while I was in the middle of pulling down the latest debian iso so I don't trust it.

Anything pop up on the network dump? Can you see traffic attempting to connect? Does it show up on a port scan?

--ed

0

Share this post


Link to post
Share on other sites
The description for Event ID ( 1 ) in Source ( WinVNC4 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: SocketManager, unknown listener event: 0.

Hmm, brutal. Is that event on the server you are connecting to or the client you are connecting from?

Are both ends tightvnc? Is tightvnc running as a service? Can you access it from the internal network? Does it show up as running in the task manager?

Did windows defender silently remove it from the machine? It removed utorrent from my home box while I was in the middle of pulling down the latest debian iso so I don't trust it.

Anything pop up on the network dump? Can you see traffic attempting to connect? Does it show up on a port scan?

--ed

Well i've just came to realize it was a software issue rather then router issue. Somthing went wrong with winblowz which isnt out of the norm. So i just did the last ditch attempt and used a restore point (which rarely ever works) to before i even installed it. After that i re-installed vnc server with the router already configured and BOOM! Its working. Then i ran into another problem that i just didnt notice to begin with. Their stupid isp gave them a dynamic ip address. So i call the isp and ask for a static ip and they want more money. Fuckers! At least i know the vpn works now though.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0