Not what you were looking for? Ask our experts!
Reply
Visitor
davidg1301
Posts: 6
Registered: ‎01-25-2013

NIS and VNC

I have a 2 PC network at home and wanted to access both PC remotely.  Both these PC are running NIS V20.2.1.22

 

I installed VNC and configured the router to forward port 5900 to the IP address of the first PC and port 5901 to the second PC.  I can access the first PC (configured as the "server") using VNC Viewer.  When I try to access the second PC, NIS (on that pc) reports in the Security History the following message:

 

"Unused port blocking has blocked communications.  Inbound TCP connection from 192.168.0.3 local service port 5900"

 

I tried setting up a firewall rule to allow Ports 5900-5901 but to no avail.  I still get the same unused port blocking message.

 

Can anyone assist please

Super Phishing Phryer
DaveH
Posts: 5,684
Registered: ‎01-06-2010

Re: NIS and VNC

Go to the second PC (the one giving the error) and open the network security map and assign "full trust" to the first computer.

Then remove your rules to open ports and give it a try.

If you still have problems fo into the Smart Firewall > Program control, find the VNC server and change it from Atuto to Allow.

 

Also verify that your using the internal IP addesses or "computer names" to connect.

You don't need to forward any ports in the router unless your trying to make a connection from the internet.

Internal network connections don't need anything forwarded.

 

Dave

Visitor
davidg1301
Posts: 6
Registered: ‎01-25-2013

Re: NIS and VNC

Thanks for your suggestions Dave. 

 

I tried all you suggested but unfortunately no change.  

 

In terms of using the local IP address versus the internet address, the same issue exists.  Whether I try to connect "locally" using the IP of the 2nd computer or try to access via the net, I get the same "unused port blocked .." message.  When trying to access more than one PC via an instance of a VNC server, the adress of the second PC must be resolved and forwarded on a different port to that of the server

 

I wonder why the firewall rule is not resolving the issue? Any other suggestions would be appreciated   

Contributor
dred_lukz29
Posts: 19
Registered: ‎01-26-2013

Re: NIS and VNC

Hi David,

 

Try checking the settings of the program rules under the smart firewall settings. Check if your VNC application is set to allow. If not change to allow and try to connect. :smileyhappy:

Super Phishing Phryer
DaveH
Posts: 5,684
Registered: ‎01-06-2010

Re: NIS and VNC

[ Edited ]

Right click on the norton icon by the clock, select  "disable smart firewall" choose 15min or longer.

Does it connect now?

 

What flavor of VNC is this, real, ultra, tight, etc?

 

Edit- If your using RealVNC I'm pretty sure since your not using the default port on that system you have to connect into it from the first computer using IPaddess:1

192.168.0.2:1

(I'm guessing on the .2 part)

Or use a douple colon and the actual port 192.168.2::5901

If thats the cause then the Norton error makes perfect sense now.

Visitor
davidg1301
Posts: 6
Registered: ‎01-25-2013

Re: NIS and VNC

Thanks Dave and dred_lukz29 for your on-going input.

 

To clarify the setup:

RealVNC Server (Personal) is running on PC1 IP address 192.168.2.  The second PC does not have any VNC software running at all.  Its address is 192.168.5.  Using a third PC (laptop) and running VNC Viewer, I enter the INternet IP of my router (or the internal IP 192.168.2) and I can connect happily to PC 1.  In order to connect to the second PC in the VNC Viewer console you enter 192.168.2:1 This instruct the server to use port 5901 rather than the default 5900.  Of course the router must be configured to port forward port 5900 to 192.168.2 and port 5901 to 192.168.5.  All of this is correctly setup.  Note the double colon is used when you are NOT using the default port range commencing 5900

 

Following Dave's advice I I have reconfigured NIS on PC 2 fully trust PC1 and currently have no firewall rules to allow comms from ports 5900 and 5901.  When I attempt to connect using VNC viewer, PC 2 NIS reports the Unused Port 5901 blocked message.

 

Yes dave I tried turning off the smart firewall and I did get a different response.  This time VNC reported the error as "Connection refused" so clearly NIS is playing a part somewhere.  Under this scenario, I still received the Unused Port 5901 blocked log message.

 

Appreciate any further suggestions on resolution.

SendOfJive
Posts: 10,755
Kudos: 4,795
Solutions: 776
Registered: ‎02-07-2009

Re: NIS and VNC


davidg1301 wrote:

Yes dave I tried turning off the smart firewall and I did get a different response.  This time VNC reported the error as "Connection refused" so clearly NIS is playing a part somewhere.  Under this scenario, I still received the Unused Port 5901 blocked log message.


Can you please clarify this?  If the Norton Firewall is disabled, how could you get a firewall log entry?  Also, if the firewall is turned off, and VNC then reports that it cannot connect, the issue would have to be caused by something other than the Norton Firewall.

Visitor
davidg1301
Posts: 6
Registered: ‎01-25-2013

Re: NIS and VNC

Apologies the Unused Port Blocked message only appears with Smart Firewall on.

 

I take your point that with the smart firewall off and VNC reporting "Connection refused" something else is also involved.  If I can get this resolved then I will still be faced with NIS blocking Port 5901

SendOfJive
Posts: 10,755
Kudos: 4,795
Solutions: 776
Registered: ‎02-07-2009

Re: NIS and VNC

Did you move your custom firewall rule to the top?

Super Phishing Phryer
DaveH
Posts: 5,684
Registered: ‎01-06-2010

Re: NIS and VNC

[ Edited ]

davidg1301 wrote:

Thanks Dave and dred_lukz29 for your on-going input.

 

To clarify the setup:

RealVNC Server (Personal) is running on PC1 IP address 192.168.2.  The second PC does not have any VNC software running at all.  Its address is 192.168.5.  Using a third PC (laptop) and running VNC Viewer, I enter the INternet IP of my router (or the internal IP 192.168.2) and I can connect happily to PC 1.  In order to connect to the second PC in the VNC Viewer console you enter 192.168.2:1  


I can't tell if these are typos or if ths is the problem.

You state that 192.168.1.2 is PC1 IP address, then you state it is the router address.

 

This line here also is confusing:

"In order to connect to the second PC in the VNC Viewer console you enter 192.168.2:1".

That would be incorrect because the second computer IP address will not be the same as the first computer.

 

I'll try to explain, please forgive me if this is just my confusion.

 

I'm going to make up some numbers here, they may or may not be your internal IP addresses.

 

The router is the gateway, lets say it is 192.168.1.1

Lets say computer 1 is 192.168.1.2  (it's running VNC on the default port5900)

Lets say computer 2 is 192.168.1.3  (it's running VNC on port 5901)

 

Computer 3 has VNC viewer, it doesn't matter what the IP address is.

To connect into computer 1 the address would be: 192.168.1.2  (thats all you need since it is the default port).

To connect into computer 2 the address would be: 192.168.1.3:1  (note that is the address of the second computer, not the router or the gateway).

 

Without using VNC at ll, computer 3 should also be able to ping the other computers by opening up a command prompt.

ping 192.168.1.2  (should get 4 good replies from computer 1)

ping 192.168.1.3 (should get 4 good replies from the second computer).

 

Port fowarding in the router will only be used when a connection is made from the internet, from outside your home network.

There is no such thing as forwarding ports "inside" a network.  It also should not be necessary to open any ports in the firewall because your systems should be set for shared or full trust.

 

Sorry If I misunderstood.

Dave