Re: Redirect domain to specific port

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ashley M. Kirchner wrote:

>    Is there a way to redirect a hostname/domain pair to a specific
> port? Let me explain: we have several Windows machines on our local
> network that run VNC server that folks then access from outside our
> network. Right now everyone connects by punching in the firewall
> address with the port number for their machine, for example
> firewall.domain.com:5901 resolves to my internal machine.

It might be time to re-think that architecture. For one thing, there
isn't that much security in the VNC architecture (especially with the
free clients).

How about...

 * setting up a VPN from each client to your local network? That gets
   everything encrypted properly and handles routing correctly.
   Depending on quite which VPN client you use, it could either query an
   internal DNS server on your local network to resolve hostnames to
   local IP addresses, or you could publish (say)
   ashley.internal.example.com *publicly* with the correct (RFC 1918)
   internal address, which will only be of any use if people can connect
   to the local network. (This could be considered a minor security
   problem, but it's much less than running unencrypted VNC).

 * requiring that everyone use SSH and/or PuTTY to connect, and tunnel
   VNC through SSH. You could give them a range of "scripts" / "Saved
   Settings" to choose from, which would forward port 5900 on the local
   machine to port 5900 on the right machine on the office network.

Hope this helps,

James.

-- 
E-mail:     james@ | Legacy (adj): an uncomplimentary computer-industry
aprilcottage.co.uk | epithet that means 'it works'.
                   |     -- Anthony DeBoer


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux