Re: VNC

Larry Martell <larry.martell@xxxxxxxxx> · Mon, 14 Oct 2013 10:00:33 -0600

On Fri, Oct 11, 2013 at 5:36 PM, Terre Porter
<tporter@xxxxxxxxxxxxxxxxxxxx>wrote:

> Humm,
>
> Could windows machine be blocking the port going out?
>

No - I can connect with VNC to many other hosts from the windows box.

> If your using putty as a ssh client you could try to port forward (5901,
> 5901) through the ssh session and then try to connect using localhost:5901
> or localhost:5902 on the windows machine and see if you can connect.
>
> It can be done with other ssh clients but I've only used putty, so I know
> it
> can be done with it.
>
> You might also compare some of the settings to this page
> http://wiki.centos.org/HowTos/VNC-Server

Yes, I had seen that site and checked and everything looks copasetic.

>
>
> You could try stopping the servers and running the vncserver in the console
> to see if there are connections or errors - but I'm not sure with the
> configuration your using if that is possible.
>

No, I don't have access to the console. I'm in New Mexico and the machine
is in New York.

>
> I'm not sure what else to offer.
>

NP, I appreciate the help.  I have an admin looking at now - he said 'I
don't know why it doesn't work. It should. It's weird' Which makes me feel
better ;-)

He's suggesting I try and use virtual manager instead of VNC. I'm not
familiar with that, so I'll have to give that a google.

Thanks!
-larry

>
> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
> Behalf
> Of Larry Martell
> Sent: Friday, October 11, 2013 7:13 PM
> To: CentOS mailing list
> Subject: Re:  VNC
>
> On Fri, Oct 11, 2013 at 4:45 PM, Terre Porter
> <tporter@xxxxxxxxxxxxxxxxxxxx>wrote:
>
> > You can specify the port with the IP by using the colon with the ip.
> >
> > x.x.x.x:5901 or x.x.x.x:5902
> >
>
> Those both give me connection refused (as opposed to without the port,
> where
> I get connection timed out)
>
>
> >
> >
> > -----Original Message-----
> > From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
> > Behalf Of Larry Martell
> > Sent: Friday, October 11, 2013 6:35 PM
> > To: CentOS mailing list
> > Subject: Re:  VNC
> >
> > On Fri, Oct 11, 2013 at 4:26 PM, Terre Porter
> > <tporter@xxxxxxxxxxxxxxxxxxxx>wrote:
> >
> > > The instructions out linked to has a type-o at the end says to
> > > connect to
> > > ip:5801 should be 5901.
> > >
> > > If your using a vnc client uvnc,  tightvnc..  try using just the ip
> > > without the :port part or :1 for the 5901.
> > >
> >
> > I am unfortunately connecting from a windows box that I do not have
> > admin rights on.  I have to use the client provided, which is RealVNC
> > Viewer. All I can do is give the ip.
> >
> >
> > > Try  lsof -i -P | grep -i "listen"
> > >
> > > To see what ports are listening...
> > >
> >
> >
> >  [root@10 sysconfig]# lsof -i -P | grep -i "listen"  | grep vnc
> > Xvnc      22052   motor    4u  IPv4 527366      0t0  TCP
> > localhost.localdomain:5901 (LISTEN)
> > Xvnc      22286   motor    4u  IPv4 530145      0t0  TCP
> > localhost.localdomain:5902 (LISTEN)
> >
> >
> > >
> > > -----Original Message-----
> > > From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx]
> > > On Behalf Of Larry Martell
> > > Sent: Friday, October 11, 2013 6:05 PM
> > > To: CentOS mailing list
> > > Subject: Re:  VNC
> > >
> > > On Fri, Oct 11, 2013 at 3:42 PM, Terre Porter
> > > <tporter@xxxxxxxxxxxxxxxxxxxx>wrote:
> > >
> > > > Try this, iptables dump from my fresh install, with ssh allow and
> > > > the vnc you referenced.
> > > >
> > > > Terre
> > > >
> > > > # Generated by iptables-save v1.4.7 on Fri Oct 11 17:39:52 2013
> > > > *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT
> > > > [45:7091] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> > > > -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p
> > > > tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -m
> > > > state --state NEW -m tcp -p tcp -m multiport --dports
> > > > 5901:5903,6001:6003 -j ACCEPT
> > > > -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD
> > > > -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on
> > > > Fri Oct 11 17:39:52 2013
> > > >
> > > >
> > > OK, with this file I'm getting connection timed out - before I was
> > > getting connection refused so I guess that's some progress.
> > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx]
> > > > On Behalf Of Larry Martell
> > > > Sent: Friday, October 11, 2013 5:36 PM
> > > > To: CentOS mailing list
> > > > Subject: Re:  VNC
> > > >
> > > > On Fri, Oct 11, 2013 at 3:30 PM, Earl Ramirez
> > > > <earlaramirez@xxxxxxxxx
> > > > >wrote:
> > > >
> > > > >
> > > > > On Fri, 2013-10-11 at 15:18 -0600, Larry Martell wrote:
> > > > > > I'm trying to set up a VNC server using the instructions at
> > > > > >
> > > > > http://www.techrepublic.com/blog/linux-and-open-source/linux-101
> > > > > -e
> > > > > as
> > > > > y-
> > > > > vnc-server-setup/
> > > > > > .
> > > > > >
> > > > > > I am up to step 6:
> > > > > >
> > > > > > Step 6: Edit iptables
> > > > > >
> > > > > > In order for the VNC connections to get through, you must
> > > > > > allow them with iptables. To do this, open up the file
> > > > > > /etc/sysconfig/iptables and add
> > > > > the
> > > > > > line:
> > > > > >
> > > > > > -A INPUT -m state --state NEW -m tcp -p tcp -m multiport
> > > > > > --dports
> > > > > > 5901:5903,6001:6003 -j ACCEPT
> > > > > >
> > > > > > Save the file and restart iptables with the command:
> > > > > >
> > > > > > service iptables restart
> > > > > >
> > > > > > When I issue the restart command I get:
> > > > > >
> > > > > > iptables: Applying firewall rules: iptables-restore: line 1
> > > > > > failed
> > > > > >
> > > > > > [FAILED]
> > > > > >
> > > > > > Note that I did not have an iptables file before but there is
> > > > > > an iptables-config file.
> > > > > >
> > > > > > Can someone help me complete this configuration.
> > > > >
> > > > > Can you post the content of the file, I just edit the config
> > > > > file and I didn't get any errors when I issue the command
> > > > >
> > > > > $ sudo /sbin/service iptables restart
> > > > >
> > > > >
> > > > As I wrote, there was no iptables file. I created one with just
> > > > that one
> > > > line:
> > > >
> > > > -A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports
> > > > 5901:5903,6001:6003 -j ACCEPT
> > > > _______________________________________________
> > > > CentOS mailing list
> > > > CentOS@xxxxxxxxxx
> > > > http://lists.centos.org/mailman/listinfo/centos
> > > >
> > > > _______________________________________________
> > > > CentOS mailing list
> > > > CentOS@xxxxxxxxxx
> > > > http://lists.centos.org/mailman/listinfo/centos
> > > >
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS@xxxxxxxxxx
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS@xxxxxxxxxx
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > http://lists.centos.org/mailman/listinfo/centos
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > http://lists.centos.org/mailman/listinfo/centos
> >
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos