vnc server on lan 1

[tbalazs]

I need to make a PC on a LAN (private IP address) running a vnc server visible from the Internet via a Sonicwall TZ170. Assuming I use the default port 5900 how would I go about this? The Sonicwall is NAT enabled. I have vnc allowed WAN to LAN in the Sonicwall rules but need to make the workstation visible. Thanks for any help. Tony.

 

[twwabw]

You only need to forward port 5900 (if that's what you're using) to the SPECIFIC pc lan IP address. You said you "allowed WAN to LAN in the Sonicwall rules ", but did you set the destination IP address?

As an aside.... port forwarding to an open listening vnc server is a REALLY bad idea. There is absolutely no security with VNC, and you're really leaving a giant hole in your perimeter. Kind of defeats the whole purpose of the firewall. The correct way to do it use to use the Global VPN client, and connect to the LAN with VPN. Then, your vnc trafic is encapsulated within the tunnel and completely secure. Do as you wish, but again- opening VNC port access through your firewall is not a good idea.

 

[tbalazs]

Thanks twwabw. I will configure VPN and do it that way.