Using VNC behind a firewall or a NAT router without public IP available can be a huge challenge for remote control and maintenance tasks. As local networks operate on their own network address space, these IP network addresses are not known to the public Internet and therefore not directly accessible from outside the private network of your company. Typically, companies access and route the Internet connection for their private networks over a single Router/Gateway and Firewall which receives a permanent or a dynamically changing public IP address. This means that a PC with a private network address within your company is able to access any public IP address within the Internet by routing over your companies public IP Gateway/Router, but the other way its not possible to directly access the private IP address within your companies network.
Generally its impossible to directly access a VNC server running behind a Firewall or a NAT Router, but there are several technical possibilities to overcome this challenge.
Port Forwarding
A common method that is used for many different remote access purposes, such as accessing a private address of your webcam from all over the world, is to configure port forwarding on your router/gateway. Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN). In a typical private network, computers obtain Internet access through a DSL or cable modem connected to a router or network address translator (NAT/NAPT). Hosts on the private network are connected to an Ethernet switch or communicate via a wireless LAN. The NAT device’s external interface is configured with a public IP address. The computers behind the router, on the other hand, are invisible to hosts on the Internet as they each communicate only with a private IP address.
When configuring port forwarding, the network administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. External hosts must know this port number and the address of the gateway to communicate with the network-internal service. Often, the port numbers of well-known Internet services, such as port number 80 for web services (HTTP), are used in port forwarding, so that common Internet services may be implemented on hosts within private networks.
Listening VNC Client with public IP
By triggering the connection from inside a private network it is possible to establish a connection to a waiting (listening mode) vnc viewer. With UltraVNC for example you can start the viewer in listening mode by typing ultravnc.exe -listen. The constraint for accessing a listening vnc viewer is of course that the network address of the viewer can be accessed by the server. So the vnc viewer has to run on a public IP address.
Public VNC Repeater:
The same way as Skype or TeamViewer are operating is also possible in combination with VNC. Skype and TeamViewer are routing both connections over a central, globally available server with public IP address. So both sides, the server as well as the client can operate on private IP addresses and connect to each other by using the central server. Within the VNC world this concept/software is called a VNC repeater server. VNC repeater servers are responsible for accepting both connections from VNC clients as well as from VNC servers. Typically the VNC repeater accepts VNC clients/viewers on port 5900 and connections coming from your VNC server on port 5500. Both sides have to agree on a common connection ID in order to enable the VNC repeater to distinguise which viewer connection should be connected with which server connection.
You can find free implementations for VNC repeater software from UltraVNC and another implementation on Google Code.
If you are operating a remote maintenance service its strongly advised to setup your own VNC repeater on your own publicly accessable server!
There are also some free VNC repeaters running online, where you can start to test out such a scenario without setting up your own VNC repeater: http://repeaters.ultravnc.info/
MobileVNC, Windows CE and Windows Embedded Compact VNC Server also supports the automatic reconnect to listening VNC viewers or to VNC Repeaters.
Amazing! Its genuinely amazing paragraph, I have got much clear idea on the topic of from this piece of writing.
Great post! We are linking to this great article on our site. Keep up the good writing.
Wonderful blog! I found it while searching on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Thank you
Do you have a spam issue on this website; I also am a blogger, and I was wondering your situation; we have created some nice methods and we are looking to trade methods with others, be sure to shoot me an email if interested.
I know this if off topic but I’m looking into starting my own blog and was wondering what all is needed to get set up? I’m assuming having a blog like yours would cost a pretty penny? I’m not very web savvy so I’m not 100% certain. Any suggestions or advice would be greatly appreciated. Thank you
Thanks for finally talking about > %blog_title% < Loved it!
hi!,I love your writing so so much! percentage we keep up a correspondence more about your post on AOL? I require an expert in this area to unravel my problem. May be that’s you! Having a look forward to see you.
For the reason that the admin of this web site is working, no doubt very soon it will be well-known, due to its quality contents.
Thanks in support of sharing such a nice thought, article is fastidious, thats why i have read it entirely
Yesterday, while I was at work, my sister stole my apple ipad and tested to see if it can survive a 25 foot drop, just so she can be a youtube sensation. My apple ipad is now broken and she has 83 views. I know this is totally off topic but I had to share it with someone!
Great goods from you, man. I’ve understand your stuff previous to and you are just extremely wonderful. I really like what you’ve acquired here, really like what you’re saying and the way in which you say it. You make it enjoyable and you still care for to keep it wise. I can’t wait to read far more from you. This is actually a tremendous website.
Hi there, You have done a great job. I will definitely digg it and personally suggest to my friends. I am confident they will be benefited from this web site.
Hmm it seems like your website ate my first comment (it was super long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I as well am an aspiring blog writer but I’m still new to everything. Do you have any helpful hints for first-time blog writers? I’d certainly appreciate it.
This website really has all the info I wanted about this subject and didn’t know who to ask.
Inspiring story there. What occurred after? Thanks!
Hi, everything is going sound here and ofcourse every one is sharing facts, that’s in fact good, keep up writing.
What’s up, yup this post is truly good and I have learned lot of things from it on the topic of blogging. thanks.
I’m not sure exactly why but this website is loading extremely slow for me. Is anyone else having this issue or is it a issue on my end? I’ll check back later on and see if the problem still exists.