Any way to get around employer blocking VPN access on the server? - DFWstangs Forums
 
LinkBack Thread Tools Display Modes
post #1 of 14 (permalink) Old 07-15-2010, 08:18 AM Thread Starter
Lifer
 
Join Date: Jan 2002
Location: dville
Posts: 1,034
Any way to get around employer blocking VPN access on the server?

I have my home machine setup with RealVCN server and I can connect from any other computer just fine, but at work it can not connect, even over wifi from my laptop/iphone (yet if I switch to 3g is works fine). I assume that my employer is blocking access somehow, I do not have a firewall on my work computer, but who knows what the server is doing.

Any ideas?
dville_gt is offline  
Sponsored Links
Advertisement
 
post #2 of 14 (permalink) Old 07-15-2010, 08:41 AM
Time Served
 
Join Date: Jul 2004
Location: Plano
Posts: 711
I think you mean VNC, not VPN. You work IT dept is blocking the port that you need for VNC. You would need to setup a SSH server (OpenSSH on Windows) on your home computer and use a SSH client (Putty) on your work computer/laptop.

Once you set all that up it will redirect the traffic that would have gone through the port for VNC to another port (like the one used for internet) and that will let you get through.

edit: Oh and on your realVNC client, once you get it setup you will actually tell it to connect to localhost or 127.0.0.1 for the address. This is the loopback address on the SSH server.

'01 Bullitt #0054
bullitt54 is offline  
post #3 of 14 (permalink) Old 07-15-2010, 09:41 AM Thread Starter
Lifer
 
Join Date: Jan 2002
Location: dville
Posts: 1,034
So, I would need to use OpenSSH on my home computer, Putty on my work computer to SSH into my home computer, then use RealVNC on my work computer as well (using the IP address provided so that it uses the putty connection to access my home computer)?

Would I still be using my RealVNC server at the house?

I am trying to get a grasp on how this is working.

I assume that SSH uses a different port to connect that presumably is not blocked, thus you are telling RealVNC client to connect via the loopback IP address so that it connects though my open SSH connection at which point I am now connected to my home computer through the SSH connection, then OpenSSH would connect to RealVNC server?
dville_gt is offline  
 
post #4 of 14 (permalink) Old 07-15-2010, 09:42 AM Thread Starter
Lifer
 
Join Date: Jan 2002
Location: dville
Posts: 1,034
Does SSH use the same port as the internet, could I not try to just use a port other then 5900, something like the FTP (21)?
dville_gt is offline  
post #5 of 14 (permalink) Old 07-15-2010, 09:43 AM
Time Served
 
Join Date: Feb 2008
Location: houston
Posts: 787
edit

sick96GT is offline  
post #6 of 14 (permalink) Old 07-15-2010, 10:45 AM
Time Served
 
Join Date: Jul 2004
Location: Plano
Posts: 711
You can try using a different port, if you can configure that on both the client and server ends and setup port forwarding on your router. I tried this for Remote Desktop which is similar to VNC and it wouldn't work.

SSH will use whatever port you want it to, I would tell it to use 443 (https port) because it looks like encrypted web traffic (like connecting to your bank).

Home- OpenSSH, RealVNC server
Work - Putty, RealVNC client


I've used this setup where they block almost everything on the web (no video, no audio, most websites) and redirect the traffic from the client computer from 8080 to 443 > sends to computer at home > home computer uses it's own port 8080 to look up the webpage and sends it results back to the client computer.

So you would need to setup Putty to redirect 5900 to 443, comp at home receives it via OpenSSH on 443, redirects it to itself on 5901 (or whatever the RealVNC server port is), captures the data, sends it back to you on 443 and Putty redirects what it rec'd to 5900 on client.

The nice thing about this is Putty is a portable app, you can put it on a jump drive so you can run it from anywhere your internet is restricted.

'01 Bullitt #0054

Last edited by bullitt54; 07-15-2010 at 10:52 AM.
bullitt54 is offline  
post #7 of 14 (permalink) Old 07-15-2010, 10:48 AM Thread Starter
Lifer
 
Join Date: Jan 2002
Location: dville
Posts: 1,034
How does OpenSSH know to use the VNC server, do I have to tell OpenSSH to forward it on to RealVNC server?

And same question for the work side, I guess the loopback IP knows to go to Putty, would I still use the 5900 port on the RealVNC client?
dville_gt is offline  
post #8 of 14 (permalink) Old 07-15-2010, 10:50 AM
Punk Ass Newbie
 
Join Date: May 2006
Location: N. fort worth
Posts: 26
use log me in free. www.logmein.com have not had any problems getting around fire walls due to it using a web port

hyper25 is offline  
post #9 of 14 (permalink) Old 07-15-2010, 11:39 AM
Very Interesting
 
The Big Matt's Avatar
 
Join Date: Mar 2000
Location: Around the World
Posts: 9,856
SSL based VPN all the way

You're only as strong as you allow yourself to be...

Lockout Workout Forums and Supplements
The Big Matt is offline  
post #10 of 14 (permalink) Old 07-15-2010, 11:51 AM
Time Served
 
Join Date: Jul 2004
Location: Plano
Posts: 711
Quote:
Originally Posted by The Big Matt View Post
SSL based VPN all the way
That works fine if you just need access to files on your computer but doesn't help you if you are trying to actually manipulate your desktop and run programs using VNC.

'01 Bullitt #0054
bullitt54 is offline  
post #11 of 14 (permalink) Old 07-15-2010, 11:54 AM
Time Served
 
Join Date: Jul 2004
Location: Plano
Posts: 711
OpenSSH > listens on port 443

Putty > Connect to your home IP on port 443
Putty > redirect 5900 to 443

OpenSSH will automatically send stuff to the port it was originally intended to go to. You are just creating a new tunnel for the data.

The only thing that needs to change on the RealVNC client is to tell it to connect to 127.0.0.1:5900 instead of your home IP. This is because, according to RealVNC, it looks like you are running it on your home computer.

RealVNC server would be unchanged.

'01 Bullitt #0054
bullitt54 is offline  
post #12 of 14 (permalink) Old 07-15-2010, 01:46 PM
Very Interesting
 
The Big Matt's Avatar
 
Join Date: Mar 2000
Location: Around the World
Posts: 9,856
Quote:
Originally Posted by bullitt54 View Post
That works fine if you just need access to files on your computer but doesn't help you if you are trying to actually manipulate your desktop and run programs using VNC.
What???

If you have an SSL VPN connection, you can connect to anything on your LAN at home, like you were sitting in your own home.

I use an SSL VPN at work to play games over my home internet connection, since the traffic goes accross our network as SSL (port 443) traffic to my house.

You're only as strong as you allow yourself to be...

Lockout Workout Forums and Supplements
The Big Matt is offline  
post #13 of 14 (permalink) Old 07-15-2010, 09:33 PM
Googlist-Wikipedian
 
Hunt4m3x's Avatar
 
Join Date: Jul 2002
Location: de_aztec
Posts: 4,814
Quote:
Originally Posted by hyper25 View Post
use log me in free. www.logmein.com have not had any problems getting around fire walls due to it using a web port
2x

2005 Infiniti G35 Sedan Ivory Pearl Premium

2006 Infiniti FX45 Liquid Platinum

2010 Polaris Ranger RZR S Orange Madness







Ban count: 2
Hunt4m3x is offline  
post #14 of 14 (permalink) Old 07-16-2010, 07:10 AM
duh...duh....duh
 
ceyko's Avatar
 
Join Date: Aug 2004
Location: ES BEER
Posts: 9,543
Quote:
Originally Posted by The Big Matt View Post
What???

If you have an SSL VPN connection, you can connect to anything on your LAN at home, like you were sitting in your own home.

I use an SSL VPN at work to play games over my home internet connection, since the traffic goes accross our network as SSL (port 443) traffic to my house.
Yup, this is the only way to go IMO. I have one running and use it on occasion to simply use IM and such. (just have split tunneling turned off and intra-interface traffic turned on)

Otherwise, your LAN is all yours via any app you allow through your VPN/Firewall device.

My '03 Sold.
ceyko is offline  
Sponsored Links
Advertisement
 
Reply

Bookmarks

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the DFWstangs Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome