VNC server will not listen on interface that has been added
after VNC Service started
paresh masani
masaniparesh "at" gmail.com
Tue Jul 15 07:19:01 2008
Robin,
>>Y is receiving packets back from a
>>different IP address than it sent them to, therefore it is ignoring them.
Y machine is not receving packets from different IP address but from
different interface. I meant to say that machien Y receiving SYN ACK
from machine X from wireless IP only but the replies comes on wired
interface. As Y sent the packates on wireless IP, i think it should get
reply on wireless interface only right???
For this i have changed the metric on machine X such that wireless Interface
will have high priority but still i machine X replies to machine Y via wired
interface only, :-( Am i missing something here.
Thanks,
Paresh
On 7/15/08, paresh masani <masaniparesh "at" gmail.com> wrote:
>
>
> James,
>
> >>Are you sure that the details you've given below are correct? According
> to
> >>what you've specified you have:
> It is not a correct IP addresses. Its just an example. but i am sure that
> both the machines are in same network through wired but not throug wireless.
>
> >>Your problem doesn't appear to be anything specific to VNC, since it's a
> >>more general problem with the setup of your network.
> You are right. because if i remove wired connection cable then it is
> connecting successfuly via wireless IP address.
>
> I think i need to change my network architecture to make this working.
>
> Thanks,
> Paresh
>
>
>
> On 7/14/08, James Weatherall <jnw "at" realvnc.com> wrote:
>>
>> Paresh,
>>
>> Are you sure that the details you've given below are correct? According
>> to
>> what you've specified you have:
>>
>> Machine X:
>> Wired IP 148.88.162.134, netmask 255.255.252.0 => subnet 148.88.160.0
>> Wireless IP 148.88.163.239, netmask 255.255.192.0 => subnet 148.88.128.0
>>
>> Machine Y:
>> Wired IP 148.88.172.239, netmask 255.255.252.0 => subnet 148.88.172.0
>>
>> Ignoring the wireless for a moment, machine X and machine Y are on
>> different
>> subnets, and so cannot communicate directly as you describe in (3).
>>
>> The wireless link has a different netmask, which will cause things to
>> behave
>> unreliably - over the wireless link X thinks that Y is on the same subnet,
>> but Y doesn't think that, and so will try route packets back to X via a
>> gateway.
>>
>> Your problem doesn't appear to be anything specific to VNC, since it's a
>> more general problem with the setup of your network.
>>
>> Cheers,
>>
>> --
>> Wez @ RealVNC Ltd
>>
>>
>> > -----Original Message-----
>> > From: vnc-list-admin "at" realvnc.com
>> > [mailto:vnc-list-admin "at" realvnc.com] On Behalf Of paresh masani
>> > Sent: 14 July 2008 11:26
>> > To: Seak, Teng-Fong
>> > Cc: vnc-list "at" realvnc.com
>> > Subject: Re: VNC server will not listen on interface that has
>> > been added after VNC Service started
>> >
>> > Hi Seak,
>> >
>> > I got the exact output seauence about this problem. Please
>> > refer the following steps that i performed. Please note that
>> > wireless packates gone through the firewall.
>> >
>> > 1. Machine X has the two interface wired IP:
>> > 148.88.162.134netmask:
>> > 255.255.252.0 and Wireless: 148.88.163.239 netmask:255.255.192.0
>> > 2. Machine Y has one interface wired IP:
>> > 148.88.172.239 netmask:
>> > 255.255.252.0
>> > 3. Machne Y tries to take VNC of machine X via
>> > wired IP then it is working fine. For this the packates will
>> > not goes even to router also instead communication can be
>> > taken place via access switch as both machine are in same network.
>> > 4. Machine Y tries to take VNC of machine X via
>> > wireless IP then I could see the following situation using
>> > Ethereal packat tracer:
>> > - On machine Y I could see the
>> > packate SYN sent to machine X using wireless IP
>> > - On machine X i could see that
>> > packate SYN came from machine Y
>> > - machine X replied SYN ACK via
>> > wired connection( not via wireless :-( )
>> > - machine Y got the response SYN ACK
>> > packate from machine X
>> > - machine Y sending RST packate to
>> > machine X and this process get repeated 2 times and then VNC
>> > says connection times out.
>> > 5. If i removed wired connection cable then it is
>> > connecting successfuly.
>> >
>> > I think here firewall rejecting the packates from machine Y
>> > towards the wireless as firewall assume that only packates
>> > going but there is no incoming packate from machine X(because
>> > machine X replying via wired connection).
>> >
>> > Could you please help me on how to make this working.
>> >
>> > Thanks,
>> > Paresh
>> >
>> >
>> > On 6/30/08, Seak, Teng-Fong
>> > <lapsap7+vnc "at" gmail.com <lapsap7%2Bvnc "at" gmail.com><
>> lapsap7%2Bvnc "at" gmail.com <lapsap7%252Bvnc "at" gmail.com>>>
>> > wrote:
>> >
>> > > Well, there was no firewall drawn in your network
>> > topology in that
>> > > visio file. Anyway, admitting that you want to enforce security
>> > > measure, but you shouldn't make your networks like that.
>> > >
>> > > Just put two disjoint/mutually exclusive network (addresses) to
>> > > avoid problem. (Cf some network books.)
>> > >
>> > > I've no idea what you mean by "source machine replying
>> > ..." One
>> > > thing is sure, your router is lost by your config.
>> > >
>> > > On Mon, Jun 30, 2008 at 2:31 PM, paresh masani
>> > > <masaniparesh "at" gmail.com>
>> > > wrote:
>> > > >>> I really don't know why you have to specified two
>> > (supposedly)
>> > > >>>different network addresses for your wired and wireless
>> > connections.
>> > > > This has been done intensionally because of security reason. The
>> > > connection
>> > > > requests comes from wireless IP will be gone through FireWall and
>> > > > for
>> > > Wired
>> > > > firewall does not needed.
>> > > >
>> > > > Here I am not understanding why the source machine is
>> > > replying(presumably)
>> > > > via wired IP while the request came from the wireless IP.
>> > > >
>> > > > Thanks,
>> > > > Paresh
>> > > >
>> > > >
>> > > > On 6/30/08, Seak, Teng-Fong
>> > > > <lapsap7+vnc "at" gmail.com <lapsap7%2Bvnc "at" gmail.com><
>> lapsap7%2Bvnc "at" gmail.com <lapsap7%252Bvnc "at" gmail.com>>>
>> > > wrote:
>> > > >>
>> > > >> Oh man, you've totally screwed up the subnet
>> > addresses (and the
>> > > >> masks)! I don't have your Visio file any more, and thus I can't
>> > > >> remember which of your networks has the x.y.5.0 address
>> > and which
>> > > >> has the x.y.0.0 address, but the fact that one of your
>> > subnet masks
>> > > >> includes the other (and similar network addresses), it's very
>> > > >> likely that your router lost track of what to do.
>> > > >>
>> > > >> Actually, suppose you have the x.y.0.0 for your
>> > wired connection.
>> > > >> Using the subnet masks, you have:
>> > > >> x.y.0.0/255.255.252.0 ==> x.y.0.0 - x.y.3.255
>> > x.y.5.0/255.255.192.0
>> > > >> ==> x.y.0.0 - x.y.63.255
>> > > >>
>> > > >> You see, your wired connection is a part of your wireless
>> > > >> connections! You're not supposed to do that (please
>> > read network
>> > > >> reference book on this).
>> > > >>
>> > > >> I really don't know why you have to specified two
>> > (supposedly)
>> > > >> different network addresses for your wired and wireless
>> > connections.
>> > > >> I mean, I've setup about 6 wifi routers, and none of
>> > them needs me
>> > > >> to do so. Both wired and wireless use the same network
>> > address and
>> > > >> network mask.
>> > > >>
>> > > >> HTH
>> > > >>
>> > > >>
>> > > >> On Thu, Jun 26, 2008 at 1:06 PM, paresh masani
>> > > >> <masaniparesh "at" gmail.com>
>> > > >> wrote:
>> > > >> > Hmmm...You are right. We use different net-masks(255.255.252.0
>> > > >> > for wired, 255.255.192.0 for wireless) for both wired and
>> > > >> > wire-less connections.
>> > > >> > And also default gateways are different for both. I think the
>> > > >> > main reason having this problem is because of two different
>> > > >> > access point. I could see that when I am taking VNC of machine
>> > > >> > using wire-less IP then
>> > > destination
>> > > >> > machine showing incoming request saying SYN_RCVD state but I
>> > > >> > think it
>> > > is
>> > > >> > replying to source machine via wired connection and source
>> > > >> > machine is rejecting the response as it did not send
>> > any packat
>> > > >> > to specified
>> > > wired
>> > > >> > IP.
>> > > >> > What do you say? This might be problem.
>> > > >> >
>> > > >> > Thanks,
>> > > >> > Paresh
>> > > >> >
>> > > >> >
>> > > >> > On 6/23/08, Seak, Teng-Fong
>> > > >> > <lapsap7+vnc "at" gmail.com <lapsap7%2Bvnc "at" gmail.com><
>> lapsap7%2Bvnc "at" gmail.com <lapsap7%252Bvnc "at" gmail.com>>>
>> > > wrote:
>> > > >> >>
>> > > >> >> I can't give you the answer since you didn't specify the
>> > > >> >> subnet mask used in your network.
>> > > >> >>
>> > > >> >> If I take it as 255.255.0.0, then yes, yours is
>> > the same as
>> > > mine.
>> > > >> >> Well, almost, actually. The computer on which VNC viewer is
>> > > >> >> running only has wired connection; it has no wireless NIC.
>> > > >> >>
>> > > >> >> If I take it as 255.255.255.0, then no, they're different.
>> > > >> >>
>> > > >> >> Actually, I was talking about logical topology. Not
>> > > >> >> physical topology. And as a matter of fact, I don't think
>> > > >> >> having one access point or two access points would
>> > change anything.
>> > > >> >>
>> > > >> >>
>> > > >> >> On Wed, Jun 18, 2008 at 10:08 AM, paresh masani
>> > > >> >> <masaniparesh "at" gmail.com>
>> > > >> >> wrote:
>> > > >> >> > Thanks for doing testing. Could you please make
>> > sure that the
>> > > network
>> > > >> >> > topology you have tested and my network's topology(attached
>> > > >> >> > file)
>> > > is
>> > > >> >> > same.
>> > > >> >> > Please check all the three cases and Please let me know if
>> > > >> >> > real VNC will work in all cases or not.
>> > > >> >> >
>> > > >> >> > Thanks,
>> > > >> >> > Paresh
>> > > >> >> _______________________________________________
>> > > >> >> VNC-List mailing list
>> > > >> >> VNC-List "at" realvnc.com
>> > > >> >> To remove yourself from the list visit:
>> > > >> >> http://www.realvnc.com/mailman/listinfo/vnc-list
>> > > >> >
>> > > >> >
>> > > >> _______________________________________________
>> > > >> VNC-List mailing list
>> > > >> VNC-List "at" realvnc.com
>> > > >> To remove yourself from the list visit:
>> > > >> http://www.realvnc.com/mailman/listinfo/vnc-list
>> > > >
>> > > >
>> > > _______________________________________________
>> > > VNC-List mailing list
>> > > VNC-List "at" realvnc.com
>> > > To remove yourself from the list visit:
>> > > http://www.realvnc.com/mailman/listinfo/vnc-list
>> > >
>> > _______________________________________________
>> > VNC-List mailing list
>> > VNC-List "at" realvnc.com
>> > To remove yourself from the list visit:
>> > http://www.realvnc.com/mailman/listinfo/vnc-list
>> >
>>
>>
>