0

I have a computer (I own) behind a firewall I do not. I am trying to VNC/SSH/Remote Desktop/Whatever into it from outside that firewall. The firewall blocks all inbound traffic, but no outbound traffic, so the premise of my question is, is there any kind of push-based remote program or protocol such that instead of listening for inbound connections, the machine behind the firewall pushes content to an outside machine and is accessed and controlled that way?

dimo414
  • 385
  • 1
  • 3
  • 16

3 Answers3

2

The main way to do this is to have a VPN (Virtual Private Network) running between your PC and the other PC. This then encapsulates whatever you're trying to send into a TCP packet (so you could actually route IPX over a VPN if you really wanted) and sends it through the firewall, encrypted, so that nobody can read it.

Essentially it's like running a super really really long network cable using the internet (and with all the foibles that that introduces).

The easiest way to do this is with a piece of software called Hamachi. You install Hamachi at both ends, join them both to the same network, and it will try and tunnel its way through the internet and the firewalls to create a seamless, stateful connection between the two PCs.

If it can't create a nice connection, it will act as a man-in-the-middle, transferring your data for you. On the free editions, this relaying is slow, but a paid subscription will greatly increase the throughput.

If you can't even get to their man-in-the-middle server, well then you're stuffed.

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
  • +1 for Hamachi suggestion. I love it for situations like this. – Chris_K Sep 01 '09 at 00:11
  • +1 for the Hamachi recommendation. I use it all the time to Remote Desktop or VNC into my work desktop from home or one of our other branch offices. Easy to install and just works. – Glenn Sep 01 '09 at 00:14
  • It's great for bypassing corporate firewalls to expose your internal network to anyone who manages to compromise any other PC in your hamachi group :) – Mark Henderson Sep 01 '09 at 00:14
  • This is exactly what I was looking for, even better than I expected. One question, do the assigned IP addresses persist (reasonably enough that you could assign domain names) or is the ip address not guaranteed between connections? – dimo414 Sep 01 '09 at 01:45
  • The IP address you get is from a private subnet (5.x.x.x), so there's no way you can access that IP from the internet. That said, the IPs are static until you delete your account, so you can safely enter them into a hosts file or your DNS. – Mark Henderson Sep 01 '09 at 01:50
  • (Well, it's not actually a private subnet, it is technically publically routable, but it's reserved, so shouldn't be used) – Mark Henderson Sep 01 '09 at 01:53
0

Logmein (free version) can do this.

JS.
  • 3,901
  • 22
  • 18
  • Funnily enough, logmein and hamachi are by the same company these days. They seem to have found themselves quite a niche market. – Mark Henderson Sep 01 '09 at 00:15
0

Perhaps you can use a reverse tunnel with SSH.

set up the vnc server in the normal way:

inside% vncserver :16

make a reverse tunnel to the host where we want to run the viewer:

inside% ssh -R5917:localhost:5916 user@outside

now on the outside...

outside% vncviewer :17

Will Partain
  • 11
  • 1
  • It would be interesting to see if this works, but Hamachi makes it /so/ incredibly easy, I never would have imagined it was so easy. – dimo414 Sep 02 '09 at 01:25