Okay here's where i'm at;
I've set up a tightvnc server in my private network.
I have a remote client hooked to the internet via dial up, he/she has downloaded and installed tightvnc also.
here is the kicker.
My net is comprised of private addresses beind a cisco router which provides internet access via frac/T1.
how do i get the router to let the tight vnc connection happen? I know port forwarding is probably the answer, but to be honest i used cisco config maker to set the router up and am not really versed in cisco router configurations via telnet or hyperterm. as a side note, I am trying desperatly to get the remote user to go to some type of broadband connection so i have one ip address to work with, this seems a little more secure to me. I dint want my Lan hanging out in the open waiting for someone wiling/able to do as they may. are these concerns valid? the router config is below.
Router#show running-config
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname hostname
!
no logging console
enable password removed
!
ip subnet-zero
no ip domain-lookup
ipx routing removed
!
!
!
interface Ethernet0
description connected to EthernetLAN
ip address 10.222.XXX.XXX 255.255.XXX.XXX
no ip directed-broadcast
ip nat inside
ipx network XX
!
interface Serial0
no ip address
no ip directed-broadcast
shutdown
! not sure this even needs to be here as frame relay is no longer used
interface Serial1
no ip address
no ip directed-broadcast
encapsulation frame-relay IETF
service-module t1 remote-alarm-enable
frame-relay lmi-type ansi
!
interface Serial1.1 point-to-point
description connected to internet
bandwidth 1536
ip address 65.197.XXX.XXX 255.255.XXX.XXX
no ip directed-broadcast
ip nat outside
ipx network 9999
frame-relay interface-dlci 500
!
router rip
version 2
passive-interface Serial1.1
network 10.0.0.0
no auto-summary
!
ip nat pool router-natpool-1 65.197.XXX.XXX 65.197.XXX.XXX netmask 255.255.XXX.XXX
ip nat inside source list 1 pool router-natpool-1 overload
ip nat inside source static 10.222.XXX.XXX 65.197.XXX.XXX
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1.1
!
access-list 1 permit 10.222.XXX.XXX 0.0.0.XXX
access-list 100 permit udp any eq rip any eq rip
access-list 101 permit tcp any any established
!
!
ipx router rip
no network 9999
!
!
!
snmp-server community public RO
banner motd ^C the ususal stuff about connecting^C
!
line con 0
exec-timeout 0 0
password removed
login
transport input none
line 1
line vty 0 4
password removed
login
!
end
Any thoughts/ideas are greatly appreciated!!
TB
I've set up a tightvnc server in my private network.
I have a remote client hooked to the internet via dial up, he/she has downloaded and installed tightvnc also.
here is the kicker.
My net is comprised of private addresses beind a cisco router which provides internet access via frac/T1.
how do i get the router to let the tight vnc connection happen? I know port forwarding is probably the answer, but to be honest i used cisco config maker to set the router up and am not really versed in cisco router configurations via telnet or hyperterm. as a side note, I am trying desperatly to get the remote user to go to some type of broadband connection so i have one ip address to work with, this seems a little more secure to me. I dint want my Lan hanging out in the open waiting for someone wiling/able to do as they may. are these concerns valid? the router config is below.
Router#show running-config
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname hostname
!
no logging console
enable password removed
!
ip subnet-zero
no ip domain-lookup
ipx routing removed
!
!
!
interface Ethernet0
description connected to EthernetLAN
ip address 10.222.XXX.XXX 255.255.XXX.XXX
no ip directed-broadcast
ip nat inside
ipx network XX
!
interface Serial0
no ip address
no ip directed-broadcast
shutdown
! not sure this even needs to be here as frame relay is no longer used
interface Serial1
no ip address
no ip directed-broadcast
encapsulation frame-relay IETF
service-module t1 remote-alarm-enable
frame-relay lmi-type ansi
!
interface Serial1.1 point-to-point
description connected to internet
bandwidth 1536
ip address 65.197.XXX.XXX 255.255.XXX.XXX
no ip directed-broadcast
ip nat outside
ipx network 9999
frame-relay interface-dlci 500
!
router rip
version 2
passive-interface Serial1.1
network 10.0.0.0
no auto-summary
!
ip nat pool router-natpool-1 65.197.XXX.XXX 65.197.XXX.XXX netmask 255.255.XXX.XXX
ip nat inside source list 1 pool router-natpool-1 overload
ip nat inside source static 10.222.XXX.XXX 65.197.XXX.XXX
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1.1
!
access-list 1 permit 10.222.XXX.XXX 0.0.0.XXX
access-list 100 permit udp any eq rip any eq rip
access-list 101 permit tcp any any established
!
!
ipx router rip
no network 9999
!
!
!
snmp-server community public RO
banner motd ^C the ususal stuff about connecting^C
!
line con 0
exec-timeout 0 0
password removed
login
transport input none
line 1
line vty 0 4
password removed
login
!
end
Any thoughts/ideas are greatly appreciated!!
TB
