A few days ago I had a problem. Someone wanted to demonstrate something to me on his desktop concerning UltraVNC. However, since I was imprisoned behind an external firewall this required the usual tunneling. So I configured an SSH tunnel via my server and established the connection. Everything worked perfectly well.
However, a while after that scenario, the same person (“Borg Number One”) offered me a demonstration about arcane VMWare configuration switches on my own machine. Something I could hardly resists, as curious as I am 😉
Now you can probably already guess the problems turning up after that decision. How to get him to connect to me behind the firewall? Well, nothing easier than that I thought and set up the tunnel – which just failed. The other person had a listening viewer running on his machine. The listening viewer is an option introduced by UltraVNC to allow a server to initiate a connection that would then use the traditional client-server relationship. This sounds odd at first glance, but it is highly useful to support desks which can now push pre-configured UltraVNC-clients (called SC) to their users and initiate a connection upon request. Another option related to listening viewers is the “invitation”. A server machine can invite listening viewers which can connect then to take part in a presentation for example. To me the listening viewer was more of a problem than the solution at that point 🙁
Solving problems is one of my favorite leisure time activities, so I decided to get this to work “somehow”.
After a while I found the recipe. To establish a tunnel to a listening viewer do the following:
- Create a connection entry in PuTTY, filling in the server address, port, login options and so on
- Now choose Connection->SSH->Tunnels from the tree in the left pane of the PuTTY dialog
- Check the checkboxes saying “Local ports accept connections from other hosts” and “Remote &ports do the same (SSH-2 only)”
- Into the edit field for “Source port” write:
5500. In the one for “Destination”:
(replacing <hostname> with the name or IP of the host running the viewer). Press “Add”.
- Repeat the previous step with 5900 in place of 5900
- Don’t forget to save the connection entry, then connect.
- Now that the tunnel is established, start the UltraVNC server (if not already started) and invite the client using the respective entry from the context menu of the system tray icon
Voila, you just established a connection to a listening viewer from behind a firewall.
I hope this information is useful to someone. Of course it is possible to use the same options with an SSH command line client. However, who is enthusiastic enough to work from command line may possibly figure out how to apply the above tips to it, right 😉