Can you hard-code an IP for the MAC? What about hard-coding IP addresses in
the rest of the machines you want to access using VNC? I only have two
machines on my LAN at home, and my situation is a bit different -- I'm
behind a NAT router which is also a 4-port network switch. But if I need to
access my machines at home, I just tell my router to port-forward port 5900
to my wife's Windows machine and port 5901 to my linux box. Or, I would, in
theory. In actuality, I only use one port -- the SSH port since I'm using an
ssh-tunnel.
How about something like this.. create an SSH tunnel to the MAC and
port-forward from it to the other machines on the LAN? That way you should
only need one port forwarded out of your modem. AND, you get a secure
connection that 1) is unlikely to be hacked or 2) sniffed. :-)
John
-----Original Message-----
From: PicaRules [mailto:[EMAIL PROTECTED]
Sent: Monday, January 10, 2005 11:47 AM
To: [email protected]
Subject: Re: Getting past *two* NAT routers
Joe,
Thanks. This is perfectly clear, and accurate. The DSL modem uses Ethernet,
not USB; I *do* have two NICs (10/100) in the Mac, and the Mac is known by
192.168.1.2 to the DSL modem, while it is 192.168.2.1 to the LAN. I *do*
have some control of the DSL modem, although as I said it seems it won't
allow me to increase the number of LAN clients. (Maybe this is because I
didn't change the LAN-side subnet mask from 255.255.255.252 to
255.255.255.0? I *can* change _Size of Client IP Pool_) There are more
settings available to me using Telnet than using the Web-based
configurator...
I wonder if an alternate solution is to reset the DSL modem's DHCP from
_server_ to _relay_ (and toggle _bridge_ from _No_ to _Yes_, one of the
Telnet-only _General_ settings?). I can set the Mac to access the WAN
through PPPoE; wouldn't the Mac itself then be assigned the public IP
address? In this case I would not be running two DHCP servers. But I'm a
little hesitant to try this because I don't know what else would require
setup. On the modem, there is a _NAT mode_ which can be _None_ or _SUA Only_
and a port/IP table under _SUA Only_; is this where I open ports? The OS X
NAT router gives me no control at all other than 'on' and 'off.' (The only
way I know what its IP range is, is by looking on a downstream machine.)
Joe Brown
-----Original Message-----
From: Joe Kexel <[EMAIL PROTECTED]>
Sent: Jan 8, 2005 9:57 PM
To: [email protected]
Subject: Re: Getting past *two* NAT routers
I am uncertain of exactly what your network diagram would be. I will
assume 2 nics in the Mac. One going to the modem (USB?) and one to your
lan. In that case, the DHCP servers are not a problem for each serves a
different network.
Not knowing all the details of OS X Internet Sharing, I guess its a NAT
configuration. Your big problem is that you are a running a NAT network
behind another NAT network. You will need port forwards on both the router
(to the Mac) and the Mac to each machine you wish to connect to. Use port
5900 to the Mac.
Normally for my clients I just connect to one machine via port forwarding
or SSH port forwarding and then use a vncviewer on that machine to get to
the rest of the lan. The double NAT can be difficult, if you do not have
control of the router.
If, you wish to have open ports for each machine directly, then you
continue with 5901 to the Mac and forward that to Machine A, 5902 to
Machine B and so on.
I hope this helps. I know more of Linux than OS X, I run Yellow Dog on a
G4. Anyway, good luck!
> Hello,
>
> My DSL is served by PPPoE; the DSL modem is a mini-router allowing only
> one (192.168.1.2) address. I think I understand the port assignments when
> a single router serves multiple boxes. But I serve my LAN via a second
> DHCP server, the Mac OS X box itself (Internet Sharing). So not only the
> modem but also the main box is both a LAN client and a DHCP server; it
> doesn't have a "real" IP address to begin with, and in fact is known by
> two (the PPPoE modem is given the real one). What will get me to the other
> machines on the LAN? Manual port setting?
> _______________________________________________
> VNC-List mailing list
> [email protected]
> To remove yourself from the list visit:
> http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
