Re: Redirect domain to specific port

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ashley M. Kirchner wrote:

>    Is there a way to redirect a hostname/domain pair to a specific
> port? Let me explain: we have several Windows machines on our local
> network that run VNC server that folks then access from outside our
> network. Right now everyone connects by punching in the firewall
> address with the port number for their machine, for example
> firewall.domain.com:5901 resolves to my internal machine.

It might be time to re-think that architecture. For one thing, there
isn't that much security in the VNC architecture (especially with the
free clients).

How about...

 * setting up a VPN from each client to your local network? That gets
   everything encrypted properly and handles routing correctly.
   Depending on quite which VPN client you use, it could either query an
   internal DNS server on your local network to resolve hostnames to
   local IP addresses, or you could publish (say)
   ashley.internal.example.com *publicly* with the correct (RFC 1918)
   internal address, which will only be of any use if people can connect
   to the local network. (This could be considered a minor security
   problem, but it's much less than running unencrypted VNC).

 * requiring that everyone use SSH and/or PuTTY to connect, and tunnel
   VNC through SSH. You could give them a range of "scripts" / "Saved
   Settings" to choose from, which would forward port 5900 on the local
   machine to port 5900 on the right machine on the office network.

Hope this helps,

James.

-- 
E-mail:     james@ | Legacy (adj): an uncomplimentary computer-industry
aprilcottage.co.uk | epithet that means 'it works'.
                   |     -- Anthony DeBoer

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux