Ashley M. Kirchner wrote: > Is there a way to redirect a hostname/domain pair to a specific > port? Let me explain: we have several Windows machines on our local > network that run VNC server that folks then access from outside our > network. Right now everyone connects by punching in the firewall > address with the port number for their machine, for example > firewall.domain.com:5901 resolves to my internal machine. It might be time to re-think that architecture. For one thing, there isn't that much security in the VNC architecture (especially with the free clients). How about... * setting up a VPN from each client to your local network? That gets everything encrypted properly and handles routing correctly. Depending on quite which VPN client you use, it could either query an internal DNS server on your local network to resolve hostnames to local IP addresses, or you could publish (say) ashley.internal.example.com *publicly* with the correct (RFC 1918) internal address, which will only be of any use if people can connect to the local network. (This could be considered a minor security problem, but it's much less than running unencrypted VNC). * requiring that everyone use SSH and/or PuTTY to connect, and tunnel VNC through SSH. You could give them a range of "scripts" / "Saved Settings" to choose from, which would forward port 5900 on the local machine to port 5900 on the right machine on the office network. Hope this helps, James. -- E-mail: james@ | Legacy (adj): an uncomplimentary computer-industry aprilcottage.co.uk | epithet that means 'it works'. | -- Anthony DeBoer -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list