I'm new to this forum and new to VNC. So please bear with my dumb questions. First, I've installed UltraVNC RC18 on the following machines:
1. Home Desktop on WinXP Pro (SP2) hard connected w/static IP on my home network (the server)
2. Work on WinXP Pro (SP2) behind a firewall (a client)
3. Home laptop on Win2000 pro wirelessly connected to my home network (another client)
4. Another desktop on WinXP home (SP2) not on my home network and not behind a firewall (another client)
At home I have Linksys router using a cable modem (Comcast). I have done the port forwarding (using 5858 as the main port and 5959 as the HTTP port). I'm routing this to the static IP address of my home desktop. I have the XP Firewall running on this desktop but I have added exceptions for these ports (not sure if that was necessary) as well as for the EXE.
With that background, I have no problems connecting my home laptop to the home desktop server with the Viewer or using a web browser. I also have no problem when I try connecting (via HTTP) from the non-work desktop that is not behind a corporate firewall and not on my home network. However I have problems when trying to connect from work. I type in http://ip:5959 and I see it download the viewer jar and then prompt me for the password. I enter that but then I get the following error:
Network error: could not connect to server: ip:5858
Notice the error is with my main port and not the HTTP port. I looked in the mslogon.log but don't see any activity (unless I point the view to the HTTP port in which case I get an "invalid attempt from client ip" error message. I can ping my home WAN IP address from work with no problem. However if I try using telnet ip 5858, I get an error. Also, when I try connecting via the Viewer, I get the following error:
Failed to connect to server !
Is this a work firewall thing? Even though I can ping? Thanks for your help.
Shawn
btw: sorry for how long this is; the more info the better?
Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Connection Problems from Work
The error is pretty interesting but from what I know right now is -
RC_18 can not be used with MS logon credentials, only a password set.
RC_19 (which is in the announcment forum) I believe has fixed this problem, or is in the works... dont remember which..
I Determined you were using this because you were checking the mslogon.log.
The other thing I would suggest is to use the viewer from work not the web connection. I understand this requires admin rights to install on your work computer sort of..(The viewer works as a .exe only kinda) So if that isnt something you can do then I would suggest changing the server to password only not utilizing ms login username password off of the local or domain accounts.
This should enable you to connect to your home desktop from work however your PW and traffic would be sent over the Inet and someone smart enough could possibly get your password to your server and connect some other time. Thats no fun. Thankfully there is an encryption plugin you can use!
Hopefully my thought is right about the mslogon.
I have a similar situation because I didnt want to send my pw over the net unencrypted I use the security plugin and it is required to be installed on both the server and viewer machines. This key would be unique and if you change it often enough, makes for a nice headache for anyone listening. That and my Gmail / Online web storage holds my key with a pw'd zip file. That way I can use it on any computer... I just havent figured out how the security plugin works with the java viewer (web) since I havent tried it as of yet.
And I dont think you can ever put to much info and this isnt a dumb question...
Kevin
RC_18 can not be used with MS logon credentials, only a password set.
RC_19 (which is in the announcment forum) I believe has fixed this problem, or is in the works... dont remember which..
I Determined you were using this because you were checking the mslogon.log.
The other thing I would suggest is to use the viewer from work not the web connection. I understand this requires admin rights to install on your work computer sort of..(The viewer works as a .exe only kinda) So if that isnt something you can do then I would suggest changing the server to password only not utilizing ms login username password off of the local or domain accounts.
This should enable you to connect to your home desktop from work however your PW and traffic would be sent over the Inet and someone smart enough could possibly get your password to your server and connect some other time. Thats no fun. Thankfully there is an encryption plugin you can use!
Hopefully my thought is right about the mslogon.
I have a similar situation because I didnt want to send my pw over the net unencrypted I use the security plugin and it is required to be installed on both the server and viewer machines. This key would be unique and if you change it often enough, makes for a nice headache for anyone listening. That and my Gmail / Online web storage holds my key with a pw'd zip file. That way I can use it on any computer... I just havent figured out how the security plugin works with the java viewer (web) since I havent tried it as of yet.
And I dont think you can ever put to much info and this isnt a dumb question...
Kevin
Kevin,
Thanks for the quick reply. I'm a bit confused about the mslogon stuff. I really don't think I'm using it, but I'm seeing stuff in the mslogon.log from time to time. I was actually looking for the WinVNC.log file to see if I could figure my problem out, but in the UltraVNC folder, I only saw the mslogon.log file - I found the WinVNC.log file and it didn't have anything that made sense to me. In my Current User Properties screen, I have Accept Socket Connections checked and a password entered there. When I click on the MS Logon button, I have the Require MS Logon unchecked and the rest of the screen is protected. So I think I'm doing what you recommend. And the only reason I was trying to use the web interface was that it actually prompted me for a password before dying; the Viewer simply said it couldn't connect to the server.
With that, do you or anyone else have any ideas? Thanks for your help!
Shawn
Thanks for the quick reply. I'm a bit confused about the mslogon stuff. I really don't think I'm using it, but I'm seeing stuff in the mslogon.log from time to time. I was actually looking for the WinVNC.log file to see if I could figure my problem out, but in the UltraVNC folder, I only saw the mslogon.log file - I found the WinVNC.log file and it didn't have anything that made sense to me. In my Current User Properties screen, I have Accept Socket Connections checked and a password entered there. When I click on the MS Logon button, I have the Require MS Logon unchecked and the rest of the screen is protected. So I think I'm doing what you recommend. And the only reason I was trying to use the web interface was that it actually prompted me for a password before dying; the Viewer simply said it couldn't connect to the server.
With that, do you or anyone else have any ideas? Thanks for your help!
Shawn
Since it works from a laptop outside your corporate network..
I would suggest either finding out what ports are open by asking your administrator or going to a website that scans you for a specified port.. But you really shouldnt do that from work unless your CIO or Network Admin says its okay.
You could always test a theory of forwarding port 80 to your server. 80 is web traffic and shouldnt be blocked by default from your firewall.. Since you have port forwarding down you just add port 80 to go to one of your server ip addresses with the correct port on that end.
However if you have a proxy (that requires you to log in) prior to going out to the web they most likely have this locked down a bit more.
Then I would try using port 21 (Used mainly by ftp), this is another port that is usually open to corporate networks out.
Unfortunately if it doesnt connect behind your corporate network with the two most common ports then you are at the mercy of not being able to do it... I would search for SSH connections also, because someone says it fools the firewall into thinking its a SSL (Secure Socket Layer) and that may pass through just fine.
I would suggest either finding out what ports are open by asking your administrator or going to a website that scans you for a specified port.. But you really shouldnt do that from work unless your CIO or Network Admin says its okay.
You could always test a theory of forwarding port 80 to your server. 80 is web traffic and shouldnt be blocked by default from your firewall.. Since you have port forwarding down you just add port 80 to go to one of your server ip addresses with the correct port on that end.
However if you have a proxy (that requires you to log in) prior to going out to the web they most likely have this locked down a bit more.
Then I would try using port 21 (Used mainly by ftp), this is another port that is usually open to corporate networks out.
Unfortunately if it doesnt connect behind your corporate network with the two most common ports then you are at the mercy of not being able to do it... I would search for SSH connections also, because someone says it fools the firewall into thinking its a SSL (Secure Socket Layer) and that may pass through just fine.