VNC in reverse connection from clients. Canīt put protocol to work

From: Edgar Santos (e.santos_at_titus.pt)
Date: 09/30/04 

Date: Thu, 30 Sep 2004 16:24:03 +0100

Hi,

we have several customers with SBS 2000 and SBS 2003, wich need support on
the client machines. For that I've found that VNC is pretty good: easy and
free.

I installed the VNC (TightVNC) on the clients PC's and created a protocol
definition:

VNC, TCP Outbound, Port 5500

Created a Protocol Rule:

Name: VNC
Action: Allow
Schedule: allways
Applies to: any request

Why Port 5500, may you ask? Because I installed the VNC server on the client
PC's and want them to start the connection, called reverse connection.
(Normal direct connections to VNC would use Port 5800, and HTTP connections
Port 5900). To do that I go to the proprities of the WinVNC.exe icon and in
the command line add -connection <my office ip>. Tryed this on remote
machines connect directly to the Internet, and it works fine.

Behind ISA I'm having problems because I can't make the connection. After
examined the FW logs I found this:

#Fields: c-ip cs-username c-agent date time s-computername r-host r-ip
r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation
sc-status sessionid connectionid

192.168.16.10 inacia WinVNC.exe:3:5.1 2004-09-30 11:50:40 SERVIDOR01
titus.myserver.org 81.193.173.137 - - - - - - GHBN 0 6 0
192.168.16.10 inacia WinVNC.exe:3:5.1 2004-09-30 11:50:40 SERVIDOR01 -
81.193.173.137 5500 - - - 5500 TCP Connect 13301 4 8
192.168.16.10 inacia WinVNC.exe:3:5.1 2004-09-30 11:51:04 SERVIDOR01
titus.myserver.org 81.193.173.137 - - - - - - GHBN 0 7 0
192.168.16.10 inacia WinVNC.exe:3:5.1 2004-09-30 11:51:04 SERVIDOR01 -
81.193.173.137 5500 - - - 5500 TCP Connect 13301 4 9

As you can see I have a sc-status of 13301, which I found it means
connection refused.

One of my customers network, have Win9x and WinXP as clients, all with the
MSP firewall client installed, but the Win9X machines can connect to me, the
WinXP don't (!?!?!?)

But why? What I have done wrong on the Protocol Definition and Protocol
Rule? Where can I found more abou this. I don't want to publish the server
and make connections from my office to the customers. I prefer them calling
me in reverse connection.

Thanks in advance,
Edgar Santos

P.S. Sorry my english. 

-- 
Edgar Santos
e.santos@titus.pt

Relevant Pages

  • Re: VNC in reverse connection from clients. Canīt put protocol to work
    ... I personally would not use tight VNC for remotely connecting to XP ... Itsa great for 9X and 2000 machines but I would use tsweb or ... Because I installed the VNC server on the client ... > PC's and want them to start the connection, ...
    (microsoft.public.isa)
  • Re: RD from Win98 to server 2003
    ... but the window is greyed out and can't be changed. ... >>Done the internet connection wizard, ... one of the other machines has ... But I just tried to run a client on ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: VNC in reverse connection from clients. Canīt put protocol to work
    ... I personally would not use tight VNC for remotely connecting to XP ... Itsa great for 9X and 2000 machines but I would use tsweb or ... > the client machines. ... > PC's and want them to start the connection, ...
    (microsoft.public.isa)
  • Re: X server compression settings?
    ... on the machines to improve performance. ... If you have remote Linux server and you connect with windows client, use FreeNX. ... Also the ability to leave a session running and coming back to that from another computer or connection works like charm. ...
    (alt.os.linux)
  • Re: Connection failure on standalone MSDE installtion when network is lost
    ... Check local security policies on client machines that screw up. ... > On a standalone installation i.e client and SQL server are on same ... > connection through client application, then SQL connection could not be ...
    (microsoft.public.sqlserver.connect)