Reverse VNC is one of the things which can make your day when it will help you connect to some NAT-ed machine. And so it has made my day yesterday, enough to decide to write about it.

As everyone knows in direct VNC setup the client connects to the server which listen somewhere (usually on port 5900). If your vnc server is behind a network it might not be so easy to forward it’s vnc port to an external accessible machine so in this case reverse vnc might come in handy.

In a reverse vnc setup the vnc client actually listen to a port and the vnc server connects to the client.

Consider the following setup: windows vnc server (tightvnc) and linux vnc client (tightvnc also).

  • start the vnc client. The bellow command will start listening on port 5500 for a server.
xtightvncviewer -bgr233 -listen 0
  • in the server menu -> add client -> enter IP::5500

A more interesting idea is to have the client listen on port 80 to make sure the vnc server can connect. However the vncviewer does not know ports bellow 5500 so an external port forwarding mechanism is needed such as your router functionality or portfwd.

Comments:

Survey -

Do you have and idea how this port forwarding might be acheived without a special router? I ask because I am trying to do it right now. Maybe you could consider making it a topic for a future post.


len -

If your computer is directly connected to the internet you probably do not require any port forwarding but only to change your firewall settings to allow connections on the rev-vnc port. Otherwise it depends on each particular case. Most routers have this kind of option and with a linux router it can be done either from iptables or by using the portfwd application.