Using VNC behind a firewall or a NAT router without public IP available can be a huge challenge for remote control and maintenance tasks. As local networks operate on their own network address space, these IP network addresses are not known to the public Internet and therefore not directly accessible from outside the private network of your company. Typically, companies access and route the Internet connection for their private networks over a single Router/Gateway and Firewall which receives a permanent or a dynamically changing public IP address. This means that a PC with a private network address within your company is able to access any public IP address within the Internet by routing over your companies public IP Gateway/Router, but the other way its not possible to directly access the private IP address within your companies network.
Generally its impossible to directly access a VNC server running behind a Firewall or a NAT Router, but there are several technical possibilities to overcome this challenge.
Port Forwarding
A common method that is used for many different remote access purposes, such as accessing a private address of your webcam from all over the world, is to configure port forwarding on your router/gateway. Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN). In a typical private network, computers obtain Internet access through a DSL or cable modem connected to a router or network address translator (NAT/NAPT). Hosts on the private network are connected to an Ethernet switch or communicate via a wireless LAN. The NAT device’s external interface is configured with a public IP address. The computers behind the router, on the other hand, are invisible to hosts on the Internet as they each communicate only with a private IP address.
When configuring port forwarding, the network administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. External hosts must know this port number and the address of the gateway to communicate with the network-internal service. Often, the port numbers of well-known Internet services, such as port number 80 for web services (HTTP), are used in port forwarding, so that common Internet services may be implemented on hosts within private networks.
Listening VNC Client with public IP
By triggering the connection from inside a private network it is possible to establish a connection to a waiting (listening mode) vnc viewer. With UltraVNC for example you can start the viewer in listening mode by typing ultravnc.exe -listen. The constraint for accessing a listening vnc viewer is of course that the network address of the viewer can be accessed by the server. So the vnc viewer has to run on a public IP address.
Public VNC Repeater:
The same way as Skype or TeamViewer are operating is also possible in combination with VNC. Skype and TeamViewer are routing both connections over a central, globally available server with public IP address. So both sides, the server as well as the client can operate on private IP addresses and connect to each other by using the central server. Within the VNC world this concept/software is called a VNC repeater server. VNC repeater servers are responsible for accepting both connections from VNC clients as well as from VNC servers. Typically the VNC repeater accepts VNC clients/viewers on port 5900 and connections coming from your VNC server on port 5500. Both sides have to agree on a common connection ID in order to enable the VNC repeater to distinguise which viewer connection should be connected with which server connection.
You can find free implementations for VNC repeater software from UltraVNC and another implementation on Google Code.
If you are operating a remote maintenance service its strongly advised to setup your own VNC repeater on your own publicly accessable server!
There are also some free VNC repeaters running online, where you can start to test out such a scenario without setting up your own VNC repeater: http://repeaters.ultravnc.info/
MobileVNC, Windows CE and Windows Embedded Compact VNC Server also supports the automatic reconnect to listening VNC viewers or to VNC Repeaters.
Really no matter if someone doesn’t understand then its up to other visitors that they will assist, so here it occurs.
Wow that was unusual. I just wrote an very long comment but after I clicked submit my comment didn’t show up. Grrrr… well I’m not writing all that over again. Anyway, just wanted to say superb blog!
Hello there I am so delighted I found your web site, I really found you by mistake, while I was searching on Bing for something else, Nonetheless I am here now and would just like to say cheers for a incredible post and a all round enjoyable blog (I also love the theme/design), I don’t have time to browse it all at the moment but I have book-marked it and also added your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up the excellent b.
Hi there to every one, the contents present at this web site are really remarkable for people experience, well, keep up the nice work fellows.
A motivating discussion is definitely worth comment. There’s no doubt that that you need to write more about this subject matter, it might not be a taboo subject but usually people do not discuss these subjects. To the next! Best wishes!!
Aw, this was an exceptionally nice post. Taking a few minutes and actual effort to make a good article… but what can I say… I procrastinate a whole lot and don’t seem to get anything done.
It is perfect time to make some plans for the future and it’s time to be happy. I’ve read this post and if I could I want to recommend you some interesting issues or advice. Maybe you can write subsequent articles relating to this article. I desire to read even more things about it!
I like the helpful information you provide in your articles. I’ll bookmark your blog and check again here regularly. I am quite sure I’ll learn many new stuff right here! Best of luck for the next!
It’s amazing to pay a quick visit this web page and reading the views of all mates on the topic of this paragraph, while I am also zealous of getting experience.
I constantly emailed this web site post page to all my associates, because if like to read it next my friends will too.
Good post. I learn something new and challenging on websites I stumbleupon every day. It will always be exciting to read articles from other authors and practice a little something from their websites.
Greetings! Very useful advice within this post! It is the little changes which will make the largest changes. Many thanks for sharing!
If you desire to take much from this paragraph then you have to apply these techniques to your won web site.
I was curious if you ever thought of changing the page layout of your site? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having one or 2 images. Maybe you could space it out better?
I do trust all the ideas you’ve offered in your post. They’re really convincing and can certainly work. Still, the posts are very brief for newbies. Could you please extend them a bit from next time? Thanks for the post.