Da ich über einen DSL-Hardwarerouter ins Internet komme, müsste ich wissen welche Ports ich öffnen und auf meine lokale IP routen muss, damit ich z.B. von der Arbeit oder von Freunden aus per VNC meinen Rechner steuern kann. SSH oder Telnet kommen für mich weniger in Frage da ich grade mal die wichtigsten Linux-Shell-Kommandos kenne und deshalb erst mal von anderen Methoden abwarten will. Kann mir jemand helfen?

Hi,
hier ein Auszug von: http://www.uk.research.att.com/vnc/faq.html

Q52 Will VNC work through a firewall?
It depends on your firewall, and whether you want to access a server inside your firewall from elsewhere, or a server outside your firewall
from inside.

Generally firewalls are designed to prevent incoming connections except to certain well-known machines and ports. If you can configure
these to include your VNC server, then you will be able to access it from anywhere in the world. There is a good argument to be made for
the fact that VNC is less of a security risk than X, so if your site doesn't allow X in or out it may still allow VNC.

Many modern firewalls will allow outgoing connections initiated from inside, so you can often access servers on outside machines. It is
straightforward, for example, to recompile the viewer source to include SOCKS support, or to make other special arrangements. See the
contribs page.

It's a pity that Java within a browser doesn't automatically use SOCKS if the browser is configured to use it. There's probably Java
SOCKS support out there somewhere...

If your internet access is through a router which does Network Address Translation, you may be able to configure the router to redirect
particular incoming ports to particular machines. So you could run WinVNC with a display number of 0 on machine snoopy, and with
display 1 on machine woodstock, then set your router to send port 5900 to snoopy and 5901 to woodstock. See below for information on
the other port numbers used by VNC.

Q53 Which TCP/IP ports does VNC use?
A VNC server listens on two ports. The exact port numbers depend on the VNC display number, because a single machine may run
multiple servers. The most important one is 59xx, where xx is the display number. The VNC protocol itself runs over this port. So for most
PC servers, the port will be 5900, because they use display 0 by default.

In addition, VNC servers normally have a small and very restricted web server built in, which allows you to connect a browser to them and
use the Java viewer. This runs on port 58xx. Note that this is the HTTP port used for downloading pages and applets, but once the applet
is running it uses 59xx for VNC just like any other viewer.

The servers can be changed to listen on other ports if, for any reason, these are not suitable for you. See the server's documentation for
more details. Most of the viewers, if given a display number larger than 99, will interpret it as a direct port number and will not add 5900.
See also the next question.

If you are running a viewer in 'listening' mode, where it accepts connections initiated by the server, it will listen for incoming VNC on port
5500.

Q54 Can I run VNC over a port normally used for a standard service? (eg. port 21, or port 80)
In rare circumstances, people may want to do this, perhaps because they have a firewall which only allows connections to certain ports.
This can be done, at least for the Windows and Unix servers (see their documentation), but the following points need to be borne in mind:
On some systems (eg. most forms of Unix), ordinary users are not allowed to run servers on ports below 1024.
You obviously can't run a VNC server on a port that's already being used for other things.
Many VNC servers use two ports: one for the VNC server, and one for the HTTP server that provides the Java applet (see previous
question). If you plan to use the Java viewer, you may want to change both. Not all servers will allow this at present.
You need to tell the viewer the right display number. Normally, display numbers come between 0 and 99. If you specify any number
smaller than 99, the viewers add 5900 to get the port number. If you specify a larger number, the viewers take it as a port number
directly. So how do you use port numbers lower than 99? You have to specify a negative display number! For example, to connect to
a server running on port 80 on machine 'snoopy':

vncviewer snoopy:-5820

because -5820 + 5900 = 80. This may not work with all viewers, but Unix and Windows seem to be fine.


hope it helps

mfg
a2mueller

:ugly: Danke für die Antwort, nur jetzt muss ich erstma selber übersetzen...das kann etwas dauern...aber ich werd mich noch mal melden sobald ich weitergekommen bin.

wenn Du über´n Browser VNC´n wilslt, dann Port 58xx

wenn du über den VNCViewer vnc´n willst, dann 59xx

xx steht für die jeweilige Display nummer. du kannst mehrere Instanzen starten die Du dann im Browser zum Beispiel über

http://server:5801 #erste Instanz
http://server:5802 #zweite...
http://server:5803 #dritte...

also wenn dann nur über den viewer...

sorry wenns am thema vorbei geht aber wieso sagt mein browser immer java connection not excepted obwohl ich genau die oben weitergeleiteten ports eingerichtet habe und ich auch vom vnc server nach meinem pw gefragt werde? drueck ich dann enter kommt immer die bloede java fehler meldung!! :(

AFAIK kannst Du doch auch VNC über SSH tunneln. Ansonsten hast Du ja wieder Klartext-Passwörter, und die möchtest Du sicher nicht.

geht vnc denn auch über einen normalen httpproxy, wenn man die browsergeschichte nutzt?