VNC Outbound (Full Version)

All Forums >> [ISA Server 2000 General] >> General


rkv -> VNC Outbound (2.May2003 1:52:00 AM)

I seen articles on allowing VNC inbound and it should be simple to allow it Outbound, but I have had no luck. There are times when I need to use VNC to connect to other clients. I have allowed VNC ports outbound but it still does not work. I have tried this with and without the firewall client. Any ideas anyone??

Darren Thompson -> RE: VNC Outbound (2.May2003 2:06:00 AM)

Try using your browser for your outbound vnc connections. The VNC server software listens on port 5800 sort of like a mini web server, and will send you a java applet so you can take over the machine. The url would be in the format of and ISA should just proxy it for you with no special filters required.


rkv -> RE: VNC Outbound (2.May2003 3:24:00 AM)

Thanks Darren,
I have tried to use the web based part of vnc and it will bring up the Java log in screen but will not go any further than that. I will double check my settings and let you know if I get it to work.

Darren Thompson -> RE: VNC Outbound (2.May2003 8:42:00 AM)

Sorry, VNC only uses port 5800 for the initial connection, then uses 5900 for the session. When you say "Allowed VNC ports Outbound", does that mean you have created a new protocol definition for VNC and then created a new protocol rule to allow the VNC protocol ?

rkv -> RE: VNC Outbound (2.May2003 2:18:00 PM)

That correct. I created protocol rules for VNC 5800 Inbound and OutBound and VNC 5900 Inbound and Outbound. I opened all doors and still can't get it to hit. I do get the java screen for log in but can not get past that.

jlyon -> RE: VNC Outbound (2.May2003 8:19:00 PM)

Just a question. Are you doing this through a VPN connection to another site, or just trying to go out ISA to an internet machine? I am pretty sure it is the later but wanted to be sure.


John Lyon

Darren Thompson -> RE: VNC Outbound (6.May2003 7:40:00 AM)

OK - I got it working. Quite simple really once I had a test system up and running.

I used an SNat Client, although fwclient should also work. Here's what I have:

Protocol Definition: "VNC Viewer", Port 5900, TCP, Outbound

Client Address Set: "VNC Clients", Specifying IP address of clients who wish to connect to VNC Servers

Destination Set: "VNC Servers" specifying the VNC servers you wish to connect to (I did it by IP address).

Protocol Rule allowing "VNC Clients" to use "VNC Viewer" protocol

Site and Content Rule "VNC" allowing "VNC Clients" access to "VNC Servers"

That's it

Good luck!


tshinder -> RE: VNC Outbound (6.May2003 2:43:00 PM)

Hi Darren,

Very good!


rkv -> RE: VNC Outbound (9.May2003 4:57:00 AM)

Thank You, Thank You.

Darren Thompson -> RE: VNC Outbound (9.May2003 5:20:00 AM)

You're welcome!

Nicholas Key -> RE: VNC Outbound (11.Sep.2003 5:35:00 PM)

Hi Darren and others...

Did anyone get this working when they installed ISA in Firewall mode? I just cannot get it to work, should I try creating another Protocol Definition for port 5800?

Thanks everyone,


Page: [1]