Did The Work Firewall Nazis Strike Back?
June 2, 2006 7:54 AM
Warning: Networking Geekery Ahead
Once upon a time I was able to use VNC viewer (the binary executable, not the java viewer) on my work Windows XP PC to connect to VNC server on my home Windows XP PC via Port 443. This allowed me to view and control my home desktop in a window on my work PC and thereby do an end run around the restrictive web filter/firewall at work. It was slow, but it was still useable and reliable.
I stopped using it for a couple of weeks when I lost my USB key. I recently found it and tried my VNC connection again from work. It doesn't work now.
Specifically, once I click on "OK" for it to connect, it takes about 2 minutes and then comes back with a dialog box that says:
"read: Connection reset by peer (10054) Do you wish to attempt to reconnect to WW.XXX.YYY.Z:443? Yes/No"
I can still connect to https://www.example.com sites, so obviously port 443 isn't completely disabled at work's firewall. Is it possible that the work firewall is actually inspecting packets on 443? Any ideas on how to get around it if they are? Any other tests I can try to pinpoint the problem?
Here's the current setup:
Home -
Desktop Windows XP PC running RealVNC Enterprise Server in user mode (not service mode) on Port 443, encryption on, password required to connect. Java server is disabled. The VNC Server IP access filter is currently set to simply "+", which allows connections from anywhere. Windows XP Firewall is disabled. IP address is 192.168.1.100
Linksys WRT54GS Router/Firewall with Port 443 forwarded to Home PC's LAN IP. Local IP is 192.168.1.1, external IP is WW.XXX.YYY.Z (not going to give the actual IP for obvious reasons).
Home ISP is a big cable company which blocks common server ports 80 (http), 21 (ftp) and 25 (smtp), but not 443.
Work -
Windows XP PC running VNC viewer executable from USB drive.
Networking through corporate LAN/Firewall with several routers/network segments between work PC and firewall.
Troubleshooting steps I took this morning -
Verified VNC Server IP Filter is set to "+", which allows connections from anywhere.
Connected to VNC server on my home LAN using a laptop which connects to the WRT54GS wirelessly. On the laptop VNC viewer I connected to "192.168.1.100:443". I was prompted for a password and then was able to view/control my desktop just fine.
Back on the desktop I used Firefox to connect to a web-based port scanner. It reported my external IP as WW.XXX.YYY.Z, as expected. I closed the VNC server and then requested the web port scanner to connect to port 443 on my desktop. It couldn't connect.
I then restarted VNC server and asked the port scanner to connect again. It then reported port 443 as open and active. Looking good.
I haven't tried to connect from an external internet host other than work yet; that will be the next step.
posted by de void to computers & internet (15 comments total)
telnet x.x.x.x 443
You should see something like "RFB 003.006"
If you can see that you have established a connection and VNC is working. If 443 isn't working for you then set your home machine to use a higher port number like 9000 or something. 443 is https and if your ISP is blocking ports perhaps they just added that one to the blacklist.
posted by skallas at 8:47 AM on June 2, 2006
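
The thread's two observations (HTTPS sites still load on 443, while a VNC server answers a raw connection with an "RFB 003.006" banner) are what a content-inspecting firewall can tell apart from the first bytes of a stream. As an added example that is not part of the original thread, this Python check labels port-443 flows by their opening bytes; the function names, record fields and sample flows are assumptions constructed for illustration.

```python
import re

# RFB (VNC) servers speak first with a 12-byte version string: "RFB xxx.yyy\n".
RFB_BANNER = re.compile(rb"^RFB (\d{3})\.(\d{3})\n")

def classify_first_bytes(data: bytes, server_spoke_first: bool) -> str:
    """Label the opening bytes of a TCP stream observed on port 443."""
    m = RFB_BANNER.match(data)
    if m:
        return "rfb %d.%d" % (int(m.group(1)), int(m.group(2)))
    # A TLS stream opens with the client's handshake record:
    # type 0x16, version 0x03 0x00-0x04, then a 2-byte length <= 2^14.
    if (not server_spoke_first and len(data) >= 5
            and data[0] == 0x16 and data[1] == 0x03 and data[2] <= 0x04
            and 0 < int.from_bytes(data[3:5], "big") <= 2 ** 14):
        return "tls"
    return "unknown"

def flag_non_tls(flows):
    """Return (client, server, label) for port-443 flows that are not TLS."""
    flagged = []
    for f in flows:
        if f["dport"] != 443:
            continue
        label = classify_first_bytes(f["first_bytes"], f["server_spoke_first"])
        if label != "tls":
            flagged.append((f["client"], f["server"], label))
    return flagged

# Constructed sample flows (documentation addresses, not from the thread).
SAMPLE_FLOWS = [
    {"client": "10.0.0.21", "server": "198.51.100.7", "dport": 443,
     "server_spoke_first": False,
     "first_bytes": bytes.fromhex("16030100c8") + b"\x01\x00\x00\xc4"},
    {"client": "10.0.0.34", "server": "203.0.113.9", "dport": 443,
     "server_spoke_first": True, "first_bytes": b"RFB 003.006\n"},
    {"client": "10.0.0.34", "server": "203.0.113.9", "dport": 80,
     "server_spoke_first": False, "first_bytes": b"GET / HTTP/1.1\r\n"},
    {"client": "10.0.0.50", "server": "192.0.2.44", "dport": 443,
     "server_spoke_first": True, "first_bytes": b"SSH-2.0-OpenSSH_4.3\r\n"},
]

if __name__ == "__main__":
    for row in flag_non_tls(SAMPLE_FLOWS):
        print(row)
```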