Need help here, i have tried various methods but i still can't get the android vnc to work..
The pc that i'm trying to remote is behind a router
Android (galaxy tab 7) public ip (on 3G connection) : 113.20.51.44
PC with VNC server : 186.172.1.23
public ip of the PC above : 116.14.55.23
port : 5722
I have tried setting it up like this
chain:dstnat dst.address:116.14.55.23 protocol:tcp dstport: 40 action dstnat:186.172.1.23 to ports : 5722
Then i run android vnc on my tablet with 116.14.55.23:40 but it doesn't work..
116.14.55.23:5722 doesn't work either..
-
-
jaysonbroughton
just joined
- Posts: 7
- Joined:
Re: Port forwarding for android vnc
denywinarto,
This might actually be a simple case of mistaken port numbers rather than NAT on your mikrotik. I've been able to successfully VNC to various servers/services from devices (be it an android, laptop, etc) in hotspots, work environments or the house without having to mess with NAT at whatever location I'm in. So I would first look at your server side setup (where VNC is setup). VNC server listens on 59xx for tightvnc and realvnc but with your description of 57xx I have no clue what vnc server that is? XX being the port designated by you for your remote screen. I tend to use various screens for various users (ex: 20 for one group of users (5920), 15 for sys admin work (5915) and so on and so forth.
So you need to take this in steps first.
1. Get behind your first router (PC with VNC - 186.x.x network) and attempt a VNC connection via: 186.172.1.23:22 (remember use the screen session you setup not the full tcp port)
If this works move on, if not check to make sure you setup the right screen session in vnc (play around with settings..look for Window or screen..you probably labeled it 22 or when you connect locally it shows your ip address:22)
Another test on the inside of the network, open up a telnet session from another computer and attempt to telnet to: 186.172.1.23 port 5722
If this fails then it's going to fail on the android through the mikrotik, check your vnc server. Make sure you even have the right TCP Port to begin with.
If you get a 'Connected to localhost' then your vnc server is working.
Now, fire up your android tablet and load your favorite Terminal client (I prefer ConnectBot) and attempt to make a telnet connection via either your phones internet or your mikrotiks internet to: 116.14.55.23 port 5722.
If this fails then the problem is the router that your PC is connected to requires port forwarding (firewall rules, nat) from your PC to an external address 116.14.55.23, with a (preferably) different port..Leaving the same port (ex:5900) forwarding back to a vnc session is akin to hanging up a giant billboard advertising that your running a vnc service on your internal network to anyone that wants to guess your password.
Now that I've actually taken a look at your very very brief forum post I can't tell if your 'router' that your talking about is a mikrotik that the PC is behind, or the android is behind the mikrotik, what your mikrotik is, or anything else..but just for giggles let's assume that I've played the role of IT for nearly 15 years now and go with it:
/ip firewall nat add chain=dstnat protocol=tcp dst-port=5722 action=dst-nat to-address=186.172.1.23 to-ports=5722
What this says is: If a connection on the outside of the world to 116.14.55.23 TCP 5722, route to 186.172.1.23 port 5722. drop the dst-address part from your origional post.
If indeed you are running this on a router, how about you dump your firewall, nat and address rules? that might make alittle more sense if the above solutions didn't solve anything.
~Jayson
This might actually be a simple case of mistaken port numbers rather than NAT on your mikrotik. I've been able to successfully VNC to various servers/services from devices (be it an android, laptop, etc) in hotspots, work environments or the house without having to mess with NAT at whatever location I'm in. So I would first look at your server side setup (where VNC is setup). VNC server listens on 59xx for tightvnc and realvnc but with your description of 57xx I have no clue what vnc server that is? XX being the port designated by you for your remote screen. I tend to use various screens for various users (ex: 20 for one group of users (5920), 15 for sys admin work (5915) and so on and so forth.
So you need to take this in steps first.
1. Get behind your first router (PC with VNC - 186.x.x network) and attempt a VNC connection via: 186.172.1.23:22 (remember use the screen session you setup not the full tcp port)
If this works move on, if not check to make sure you setup the right screen session in vnc (play around with settings..look for Window or screen..you probably labeled it 22 or when you connect locally it shows your ip address:22)
Another test on the inside of the network, open up a telnet session from another computer and attempt to telnet to: 186.172.1.23 port 5722
If this fails then it's going to fail on the android through the mikrotik, check your vnc server. Make sure you even have the right TCP Port to begin with.
If you get a 'Connected to localhost' then your vnc server is working.
Now, fire up your android tablet and load your favorite Terminal client (I prefer ConnectBot) and attempt to make a telnet connection via either your phones internet or your mikrotiks internet to: 116.14.55.23 port 5722.
If this fails then the problem is the router that your PC is connected to requires port forwarding (firewall rules, nat) from your PC to an external address 116.14.55.23, with a (preferably) different port..Leaving the same port (ex:5900) forwarding back to a vnc session is akin to hanging up a giant billboard advertising that your running a vnc service on your internal network to anyone that wants to guess your password.
Now that I've actually taken a look at your very very brief forum post I can't tell if your 'router' that your talking about is a mikrotik that the PC is behind, or the android is behind the mikrotik, what your mikrotik is, or anything else..but just for giggles let's assume that I've played the role of IT for nearly 15 years now and go with it:
/ip firewall nat add chain=dstnat protocol=tcp dst-port=5722 action=dst-nat to-address=186.172.1.23 to-ports=5722
What this says is: If a connection on the outside of the world to 116.14.55.23 TCP 5722, route to 186.172.1.23 port 5722. drop the dst-address part from your origional post.
If indeed you are running this on a router, how about you dump your firewall, nat and address rules? that might make alittle more sense if the above solutions didn't solve anything.
~Jayson
Who is online
Users browsing this forum: No registered users and 18 guests