Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Passing through company HTTP proxy

Post Reply
kartalgurhan
Posts: 4
Joined: 2004-12-06 00:58

Passing through company HTTP proxy

Post by kartalgurhan »

Hi,

I've been searching for a viable solution for the last 2 years but apparently, there are still many people having the same problem: Not being able to access a remote PC through a HTTP based company proxy.

At work, only ports 443 and 80 are allowed. Therefore, I forwarded port 443 at home pc to port 5800. Using IE at work, I could get the logon screen but after login, I get "no router to host" message.

I also read all FAQ about Repeater but still I get no connection:

Here is my setting:

At Home(Server):
Repeater settings -> 443 Accept; 5501 Listen.
Added new client in WinVNC server -> Host Name:localhost:5501; ID code:ID:1234

At work(behind proxy) using VNC Viewer:
VNCServer:ID:1234
Proxy/Repeater: XXX.XXX.XXX.XX:443 (my home IP:443)

What am I doing wrong?

Thank you for any suggestions.

Regards,

GK
byteboon
20
20
Posts: 34
Joined: 2004-08-10 23:57
Location: Canada
Contact:

Post by byteboon »

Port 5800 hosts a tiny web server that sends you a web page and the viewer java applet. However, once running the java applet itself connects using port 5900. You will need to forward this port as well.
<b>Jeremy Cross</b>
Developer
Network<i>Streaming</i>
http://www.networkstreaming.com
kartalgurhan
Posts: 4
Joined: 2004-12-06 00:58

Post by kartalgurhan »

Dear byteboon, thanks for the reply.

Excuse my ignorance but what port should I forward port 5900 to?

Thank you very much.

GK
byteboon
20
20
Posts: 34
Joined: 2004-08-10 23:57
Location: Canada
Contact:

Post by byteboon »

My point above was that the java viewer actually makes its connection on a different port. This is what's happening...

1. request: browser@office --443--> [FIREWALL] --443-5800--> winvnc@home
2. serve java: winvnc@home ---> [FIREWALL] ---> browser@office
3. try connect: javaviewer@browser@office --5900--> [FIREWALL BLOCKS TRAFFIC]

You could set your home computer winvnc to listen on port 443, and then use vncviewer (not java viewer) to connect using port 443 directly. You specify the port using host::port double colon notation. This should work fine without the repeater, providing your firewall isn't actually checking the traffic on port 443.

I've never personally used the repeater, so you'll have to connect with someone else to help you with the settings for that.
<b>Jeremy Cross</b>
Developer
Network<i>Streaming</i>
http://www.networkstreaming.com
kartalgurhan
Posts: 4
Joined: 2004-12-06 00:58

Post by kartalgurhan »

Thank you very much once again for your kind input.

Unfortunately, the firewall at work seems to control the type of traffic, therefore the connection when trying to connect on port 443 directly to VNC server at home.

This, somehow, is overcome by RemotelyAnyWhere.com remote connection software when port 443 is used.

Thank you,

regards,

GK
byteboon
20
20
Posts: 34
Joined: 2004-08-10 23:57
Location: Canada
Contact:

Post by byteboon »

It looks to me that RemotelyAnywhere wraps the traffic in SSL. Since browsers also use SSL to secure https traffic on port 443, the firewall lets it through.

My recommendation to you is to use a SSH tunnel for the VNC traffic. This would fool the firewall into thinking the traffic is ok.

Search these forums for SSH to find pointers to setting this up.
<b>Jeremy Cross</b>
Developer
Network<i>Streaming</i>
http://www.networkstreaming.com
Post Reply