On Saturday 11 March 2006 03:02, Mark Fletcher wrote: > Hal Vaughan wrote: > >On Friday 10 March 2006 09:29, nullman wrote: > >>2 short infos to clarify : > >> > >>1. VNC over http doesn´t exist > >>2. Port-Numbers can be altered with any version > >> > >>Solution would be : ssh on Port 443 ... with that you can trick > >> most proxies with the "connect" method to use any proxy-capable > >> ssh-client (putty for example) > >>-> after ssh-connection is ok .. you can do vnc-over-ssh (simple > >>Port-forwarding) > > > >I couldn't get this to work in one of my situations, due to a nasty > >firewall. What I have found that seems to work is using stunnel to > >tunnel the VNC data through port 443 as HTTPS data, close to what is > >mentioned above. I'm still working on part of the solution, since I > >can't easily install stunnel on my clients Linux systems. When I'm > > all done, I'll post my results, since there has been very little on > > this list to directly apply to this -- at least on my case. > > > >Here's a link to stunnel: http://www.stunnel.org > > > >And here's a link to a tutorial about it, but it follows Windows, so > >you'll have to make some allowances and when they tell you to use > >ca.bat, it'll work best to download the file, extract the files that > > do the work, and convert them to Linux and run just those lines. > > You'll get some "directory does not exist" errors, but if you make > > the directory and re-run the program line, it'll work. At one > > point it'll complain about no index file, so do "echo 00 >index" > > and it'll fix it -- forgot what dir that is needed in, though. > > > >I'll have more detailed instructions later, when I've got all my > > stuff behaving at 100%. > > > >Hal > > Again thanks a lot for the suggestion, I'll try this too -- but I > have a possibly stupid question. What protocol will the gateway of my > corporate WAN think it is being asked to handle in this case?
HTTPS. > I don't > think it will allow any connections going out on VNC protocol, > regardless of the port number in use. HTTP / HTTPS is fine, not a lot > else is... That's the same situation I'm dealing with on 2 of my clients' computers: their firewalls block most ports, outbound and inbound, and block protocols other than the basics, like HTTP, HTTPS, POP, SMTP, and maybe a few others. Hal
