Recommended Posts

Hello, I am facing issue  , I need to access google cloud hosted compute machine running centos 7  on my windows 8 laptop 

I am successful at making ssh connection 

However, vnc connection doesn't work with my university network but runs fine on my cellular data or other external networks

I tried changing the port number of vnc server from 5900 to 35548 but that doesn't work

I even tried the ssh tunneling via putty as shown in a video on youtube but again it seems to have used the same port number as 5900 

I suspect that this university network 5900 ,also earlier when I hosted windows 2012 server its rdp didnot work on the university network

Also ,tried teamviewer but teamviewer doesnot work on server 

Going to univ network center is my last option .Please help

What exactly are you trying to do??

 

Your trying to access google compute machine??

 

Sounds like your trying to circumvent your univ filtering of outbound connections??  If you can make a ssh connection to this compute vm, then you could tunnel through that connection and do whatever you wanted, vnc, etc. Yeah if your server is 5900 that would be the port you would use, just through the tunnel.

 

Not sure what your question is about 2k12 and rdp?  Without details of network impossible to say what you were doing wrong.  As to TV running on server versions of windows - yeah it does!

Ok, sorry for all this messed up things, I am completely new to linux and networking when it comes to practical.

I will go again on my problem , I have a google compute instance (server) running on google datacenters. I have installed centos 7 on my remote server. I can access the centos 7 remotely via ssh connection in Putty . My laptop has normal windows os i.e. windows 8.

In order to take graphical access I need vnc access . Thus , I installed tiger vnc server on my remote server. Then tried to take access by the vnc viewer , vnc viewer fails on my university network  . But is fine on any external net such as cellular data or dongle. Now this is surely some port blocking or firewall , mostly port 5900 I  guess  . Going to university network center is an option but its the last one. I saw that through ssh tunnel we can tunnel our vnc connection .So I watched few videos on that but it doesn't seem to help (maybe I am doing something wrong)  ,Here are few things that I tried and failed

1) Changed the vncserver port from 5900 to some random port value  3400 etc (taken into account the consequences such as adding new port to firewall,etc)

    It changed , but it gave me strange results , like when vncserver was actually running it wasn't listening on that particular port

   The proof is that when I netcat i.e.when I type in my centos 7 terminal  nc 189.134. 5901 I get a reply as RFB 03.something (which means my vnc is working fine on ip:5901)

  When port number was changed I typed same command with different port number say nc 189.134.wahtever 35549 , I got reply as connection timed out or refused.

 I tried all types of things, accessed log files of vncserver find out what port its running on, even examined the process and tcp connections using netstat ,everything was normal only it wasn't  listening on that port.(nc command never returned me RFB as a response)

    Here's how I changed it http://itstudent.org/blog/?p=631

    But it failed too.

 

2) I tried tunneling as per shown in videos 

     opened putty -> loaded normal ssh configuration file ->, then in tunnels option entered source port as 5901 and destination as localhost:5901 or even tried this  "server external ip address:5901"

    and  -> then opened the vnc viewer entered, localhost:5901 or server ip address:5901 and then tried to connect but failed again. 

 

If this doesn't form a correct picture do let me know , I am noob in this so I don't know how to do this stuff exactly. Sorry again for any inconvenience. And yes I am not trying to circumvent my univ network. Its just I am avoiding to go there. As a last option I would go. Thank you for your help and feedback . You were the quickest. 

 

Tunneling Screenshot.png

Tunneling Viewer Screenshot.png

VNC Viewer Screenshoty.png

Umm why would you try to VNC onto "localhost" on any port? localhost is your own computer, the same one you are running vnc on, are you trying to use port translation?...also are you sure you have configured the port on your client and on the server too cos it sounds like the server isn't expecting you to use any port other than 5901.

 

Can't you reconfigure the port on the server and just use the same port on both ends?

 

5901 is a common vnc port and on a uni network it was bound to be disabled as they probably use it themselves.

Check these out:

 

http://www.uaf.edu/arsc/knowledge-base/vnc-and-ssh-port-fowardin/index.xml

 

https://intranet.cs.hku.hk/csintranet/contents/technical/howto/putty-portforward.jsp

 

http://cects.com/ssh-local-and-remote-port-forwarding-with-vnc/

 

This may also be your problem, your vnc session may have been blocked by the server:

 

http://stackoverflow.com/questions/26813070/google-compute-engine-getting-blocked-after-accessing-ssh-a-few-times

 

Apparently you might need to whitelist your university IP on the server to stop it blocking you, if that's what is happening.

"And yes I am not trying to circumvent my univ network. Its just I am avoiding to go there"

 

Huh???  In one sentence you say you can not get to your google compute machine from your univ, then you say your trying to avoid going there - go where?  Google compute?

 

Lets go over some basics.. Does not matter where you currently at!!

 

Can you ssh to your google compute machine?  If so vnc is listening on what port? 5901?  On what IP?  Its public IP, its loopback, all of them?  from your ssh connection to your google compute box do a netstat or sockstat for your listening ports.  What does it show listening on 5901??

 

Does not matter firewall at your location, or firewall at other location if you can ssh then you can tunnel through this ssh tunnel and hit the remote machine vnc..

 

Yes in a ssh tunnel, the port you listen on locally can be anything, you connect to this local listening on port with your vnc client after you have created the ssh connect with the tunnel.  Your ssh client than ses oh traffic to my local port X, send it down the tunnel to IPX:portY..

 

There are a bajillion guides on the net on how to vnc through a ssh tunnel..

Thank you all ,For your response 

The thing is I am avoiding to go to network center at my university because they are very slow people and will take lot of explanations to explain them , Basically they are not so cooperative , thats why I am avoiding them( network people at my univ ) ,If it is the case that google compute machine has blocked my ip then ,I will need to contact them . Which I will do if all fails. My tunneling is flop because I dont know much of it ,It was very first time , Thank you PsychoKilla for the links ,I will surely try those. As +budman has suggested I will try netstating or sockstating the server and examine the case more deeply. 

And Psychokilla - I tried to reconfigure the vnc server base port which is 5900 to some random say 3400 but it fails .

I dont think it is needed to reconfigure the port on vnc viewer(correct me if I am wrong)  as we specify the the port for connection say server ip addeess :5901  like that . So just the new port right ? like server ip address:3401 . 

Also I dont think I need to install ssh daemon on server as it is installed by default and I can connect to it using my putty . So the server side ssh server is taken care of. 

I will try all the solutions listed by you both and will let you know the results asap . Thank you again . 

For some VNC viewer clients, including the one you're using, to specify a different port, you do so after a double colon, rather than a single colon, e.g 127.0.0.1::5901 (see the text underneath the "Remote Host" textbox)

 

This is because linux systems can run multiple 'displays' which can be connected to via VNC, and they use the single colon notation for the display number, to connect on a different port, you need to use two colons.

 

Note, you only enter the port like this in your VNC client, not in Putty when you're configuring the tunnelling, use the single colon notation there.

Hey, Guys thank you for your solutions it was great to get feedback from you. I am happy to announce that my problem has been finally solved. What I did is listed below

 1) Instead on vnc used xrdp which is RDP server for linux server os. 

Why? because I couldn't properly get vnc running on the server. It was working fine then I don't know exactly I installed something did many tuts on that and it started malfunctioning i.e. I was not able to start that typical vncserver.service.1 so I reset my google instance, installed vnc again and was again stuck with vncserver.service .1 ( the name is not perfect but somewhat like that) not being able to start. But service.2 something was able to start which runs on display 2 and when you take access (through the external net) it used to give me an error message on my remote desktop as something went wrong log out and all. I think it was due to my main display wasn't shift to display 2. I also realized that I didn't add ports 5900 into the firewall.Google Cloud has another networking section in its console browser window and if we don't add firewall rules there we can't realize them in our VM even if we add them on the VM's os like using some command to add them to firewall in a Linux terminal. Also, tried that random port experiment again and was succeeded in running vnc server on port 17333 but got blocked in a proxy net of university when trying to view through vnc viewer. So basically vnc started giving many problems.

Link to install xrdp-  http://www.itzgeek.com/how-tos/linux/centos-how-tos/install-xrdp-on-centos-7-rhel-7.html

2) Confirmed that it wasn't port issue 

In this what I did is made sure that it wasn't the fault of port 5900, I started a vncserver on windows(on my laptop) using TightVNC (It's free and easy to install)  and tried to take its access from my android device using Remote Ripple (TightVnc's android vnc viewer) and was succeeded as android and laptop were on the same network, repeated it by replacing android with the other PC on the network was again succeeded. So that made sure that it wasn't with the port number.

 

3) Then as  PsYcHoKiLLa suggested it may be that server was blocking my ip address  (this is because this univ has strange IP addresses may be due to they have the different net, even  Instagram doesn't let me like anyone's post as it says I have a different IP address, I used to thought it was proxy)

But I didn't know how to exactly stop that, as the link provided talks about ssh server blocking the ip address . I was unsure if the vnc does the same. So I was planning to investigate this matter in detail.

 

4) Successful Tunneling, After searching this link http://cects.com/ssh-local-and-remote-port-forwarding-with-vnc/ provided by  PsYcHoKiLLa I was pretty sure that I would be able to do this but again got stuck at running this command  ssh -R 6999:localhost:5901 user@192.168.1.3 (don't  worry I replaced username and IP address with the relevant one ). I was having problem with ssh keys which are established at the start of the session , basically, vm has to be transferred public or private key and whenever it needs to authorize it checks those keys.Now I was connecting through putty on windows, And putty doesn't send any keys to vm. Although google chrome's ssh extension was able to do it ,and through that I was able to run that port forward command too but It didn't help when I again tried to connect vnc or rdp by saying localhost:portnumber , All steps were like those mentioned in the link.But I guess that would have been beneficial if that would have happened through putty. 

Then I thought I would tunnel the rdp through ssh 

Link -http://klinkner.net/~srk/techTips/ssh-remote/

Followed this tutorial  very religiously and boom, I was able to rdp the server via ssh tunnel

I realized that when tunneling through Putty, Putty provides the easy GUI called tunnel option on the left panel to add port forwarding rules.(Although, in previous tuts, I followed the same step but was entering IP addresses and port numbers in a wrong way)

 

5) Future plan & Current Problem - Although, I am successful at making a tunnel through ssh for xrdp , The performance of xrdp was slow, I think it maybe due to the internet speed or maybe xrdp is simply not that good enough as vnc.

Plan - Now I got how this port forwarding thing works in Putty windows, Its just a matter of time that I will reformat the VM instance and tunnel the port 5900 through ssh. And have an uninterrupted vnc session.

 

6) Final Thoughts - I think the problem was server was rejecting my connection due to strange IP address , I guess. I am working in IITB currently so they must be having a different net. Still I am not sure as in this was only the problem.

 

7) Some useless Stuff that got tried - Tried changing proxy settings here, we have two lines in our office ,one is normal university line and other is startup line , But both uses same firewall .So switching was useless. 

 

Thank You once again, Guys.

I am pasting the link again as the final solution -  http://klinkner.net/~srk/techTips/ssh-remote/

 

 

 

 

Yes tried that , It works , the vnc port number got successfully changed ,although I had to add that port number into firewall specified by google  cloud's networking section. (that networking section can be found on console.google.com and on left side menu you will see networking)

But even though I change it to random port number and the service successfully runs there ,still I wasn't able to view it in my vnc viewer by university internet. (while vnc viewer connected when using external net such as my cellular data ,3G I use on my phone).

All pointing to only one inference that port numbers weren't blocked here and it was my wrong assumptions at first hand that ports are blocked.

New update - I was able to do vnc connection via Putty ssh tunnel  while remaining on university net. Although ,its not opening in my desired dimension ,that something seems to be little problematic but trivial,I will take care of it later

This topic is now closed to further replies.
  • Posts

    • The EU regulations force companies to respect users privacy, choice and data. Something all tech companies have abused to the hilt and would continue to do so if it wasn’t for important legislation and laws the EU brought in, which have been adopted elsewhere around the world. The EU can be a nuisance, but they actually do more good than harm. Forcing Apple, Google, Microsoft etc to make changes hasn’t negatively impacted anyone apart from their financials as they aren’t free to pillage our data like they once were, unless they explicitly provide options to obtain consent.
    • Windows 10 Enterprise IoT LTSC will continue getting updates until January 2032. I would expect support from most programs to continue until then. Firefox still supports Windows 7 (until the end of August), which will be just over 16 years since release. Windows 10 will be of a very similar age in January 2032. I'm sure some things like games will move on earlier, but I imagine a Windows 10 machine will be safe and usable for a long time to come yet, despite the pressure and fearmongering from those who stand to gain from selling you a new PC.
    • Refined dock and bug fixes land in latest Elementary OS 8 updates by David Uzondu If you're running Elementary OS 8, there's a new round of updates available, bringing some neat enhancements, particularly to its signature Dock and the underlying window manager, Gala. If you are not familiar, Elementary OS positions itself as a polished alternative to Windows and macOS. It runs its own custom desktop environment called Pantheon, with Gala handling all the window management magic, like animations and how windows behave. In the new update, the Dock gets some notable new tricks, including the return of a couple of features that old-school Plank (the Dock's foundation) users might remember. For starters, the Dock now shows multiple indicator dots beneath an app icon if you have more than one window open for that application, which is useful for quickly seeing what is running. Plus, if you are dragging something and hover over an app icon in the Dock, it will cycle through that app's open windows, making it easier to drop your item into the right place. You can also now long-press an app icon to bring up its context menu, a nice touch for those who prefer that interaction. The elementary OS team also squashed some bugs related to hide modes and memory usage, keeping things running smoothly. Gala itself recently got a massive update, addressing around 20 reported issues and introducing a brand new Gesture Controller. This means users can now swipe up in the Multitasking View to close windows, a slick and intuitive gesture. App titles are now always shown in Multitasking View, a significant improvement for touchscreen users. Users also get notified when they take a screenshot with a keyboard shortcut, and this notification lets them jump straight to the image in Files. Some other welcome Gala improvements include saving window states on sleep and shutdown, and fixing an annoying bug where menus might only show once. For gamers, a fix for Lutris Flatpak installations causing Gala to crash with GE Proton setups will be a relief, and users of the Postman app will be happy to know that window captures for it are no longer partially rendered. Shifting back to Elementary OS 8, in System Settings, choosing light or dark mode properly snoozes your schedule instead of outright disabling it. The Reduce Motion setting has been expanded to cover a wider array of animations, which is a blessing for folks prone to motion sickness. Hotcorners got some fixes too, and there is a new option to keep them active even when an application is full screen. Other notable updates include added screen reader support for notifications and the shortcut overlay, fixes for Flatpak sandbox issues that affected apps like Steam, and the latest version of GNOME Web, which brought better performance and a redesigned bookmarks sidebar. You can download all these updates by opening System Settings, heading to System, and hitting "Update All."
    • WSCC - Windows System Control Center 10.0.0.8 by Razvan Serea Windows System Control Center is a free, portable program that allows you to install, update, execute and organize the utilities from various system utility suites. WSCC can install and update the supported utilities automatically. Alternatively, WSCC can use the http protocol to download and run the programs. WSCC is portable, installation is not required. Extract the content of the downloaded zip archive to any directory on your computer. Free for personal use. The setup packages and updates are downloaded directly from their author's website! This edition of WSCC supports the following utility suites: Windows Sysinternals Suite (including support for "Sysinternals Live" service) NirSoft Utilities Mitec and more... WSCC - Windows System Control Center 10.0.0.8 changelog: Update Manager: scheduled updates will run even if WSCC is already running minor user interface improvements Download: WSCC (64-bit) | 6.9 MB (Free for personal use) Download: WSCC (32-bit) | 6.2 MB View: WSCC Homepage | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • It seems I was wrong. Modifying the registry manually does not have an effect at all, even after restart. Just use ViveTool for now. I'm going to need to investigate this...
  • Recent Achievements

    • Posting Machine
      Fiza Ali earned a badge
      Posting Machine
    • One Year In
      WaynesWorld earned a badge
      One Year In
    • First Post
      chriskinney317 earned a badge
      First Post
    • Week One Done
      Nullun earned a badge
      Week One Done
    • First Post
      sultangris earned a badge
      First Post
  • Popular Contributors

    1. 1
      +primortal
      185
    2. 2
      snowy owl
      130
    3. 3
      ATLien_0
      127
    4. 4
      Xenon
      119
    5. 5
      +Edouard
      89
  • Tell a friend

    Love Neowin? Tell a friend!