Articles

VNC w/ Actiontec(Qwest) Gateway

May 27, 2005 at 20:09:10
Specs: Windows XP Pro, P4 2.8 GZ / 512 MB RAM

Gateway Hardware: Actiontec GT701-wg (Qwest)
ISP: Qwest DSL

I am unable to connect to my VNC server outside of my network. I can connect to my computer inside of my network just fine. I have done the following:

1) Configured VNC Server to listen on ports 5800 (java) and 5900 (viewer).

2) Forwarded ports 5800 and 5900 to my PC.

3) Opened ports 5800 and 5900 on my Norton Firewall (even tried disabling it altogether).

4) I am entering in my router's Internet Address from the VNC Viewer using port 5900.

5) I have tried several different ports, as well.

When I try connecting remotely, I receive "Unable to connect to server". I even went to http://www.gotomyvnc.com, which port scans your network for listening VNC Servers. It was able to find my VNC Server listening on port 5900.

Is there anything else I can try before I throw my router across the room? Could it be that my ISP is blocking the service?

Any help would be appreciated..


See More: VNC w/ Actiontec(Qwest) Gateway

Report •


#1
May 27, 2005 at 20:36:01

VNC uses two ports per connection type (java/viewer) - the listen ports which you assign (5800 and 5900 in this case) and the next higher port (5801 and 5901 in this case) for the session. Try forwarding those as well and see what happens.

Report •

#2
May 27, 2005 at 22:23:39

Thanks for the suggestion. I went ahead and forwarded 5900-5909 and 5800-5809 and tried connecting to each of those ports. Unfortunately, it is still unable to connect to the server remotely.

Report •

#3
May 27, 2005 at 22:38:24

You don't need all those ports. You only need listen_port and listen_port+1.

I would suspect either your port-forward configuration is wrong, or there is another factor (e.g. software firewall) that you haven't told us about yet. Make sure VNC is running on the ports you think it is (5800 and 5900), then forward only the necessary ports (5800, 5801, 5900, 5901). You don't need to connect to "each of those ports". You will still only connect to the listen port, but you do need to have the session port available as well.

Some other things to consider:

1. For the port-forward settings in your router, did you select TCP or UDP?

2. When connecting from outside your network with the java client (i.e., a web browser) do you get the initial login webpage, and it hangs when you try to login? Or do you not even see the webpage?



Report •

Related Solutions

#4
May 27, 2005 at 22:55:37

1) I selected TCP when forwarding the ports

2) When I try connecting via the web browser, it does not even get to the login screen. I get prompted with "Connection was refused when contacting...".

I'm running Norton Internet Security on the server computer. Windows firewall is disabled. I opened ports 5800 and 5900 in the Norton Firewall. I even tried disabling the firewall. I am positive that's the only firewall I have.

However, my router does have a firewall. It is set to "Basic", which is the lowest setting available. Although, wouldn't forwarding the ports by-pass this? I'm beginning to suspect that it might be something with my ISP.

What stumps me is that www.gotomyvnc.com can see that a VNC server is active on port 5900.


Report •

#5
May 27, 2005 at 23:27:06

Thanks for the additional information. A few thoughts...

I would strongly suggest completely disabling your Norton firewall while working on this issue. No need to add another layer of complexity and potential failure to the equation.


>>I opened ports 5800 and 5900 in the Norton Firewall

Yes, but you would need to open ports 5800, 5801, 5900, and 5901. Even if the VNC server on port 5800 is accessible from the Internet, the server won't be useable unless the session port is accessible as well.


>>Although, wouldn't forwarding the ports by-pass this?

Yes, it should.


>>I'm beginning to suspect that it might be something with my ISP.

I think this is reasonable at this point. What is the external IP address of your router? Some DSL providers use private-network addresses.


>>What stumps me is that www.gotomyvnc.com can see that a VNC server is active on port 5900.

This would invalidate the assumption that your "public" IP address is really private. However, since you are still apparently firewalling the VNC session ports (5801/5901) that could explain it.



Report •

#6
May 27, 2005 at 23:43:39

Would the Norton Firewall still be an issue if I can remote behind the router, using the private ip? (192.168.0.2)

Report •

#7
May 27, 2005 at 23:48:30

Probably not. But possibly yes. As such, it is good practice to eliminate it as a potential cause of failure while troubleshooting.

Report •

#8
May 27, 2005 at 23:51:02

Ok, I have tried opening 5900-5901 and 5800-5801, but still no luck (even with it disabled). I'll try contacting the ISP tomorrow and see what they say. Thank you for taking the time to help me with this, jimminy.

Report •


Ask Question