Isn't it possible that you used LoopbackOnly set to 1 and Teraterm
forwarding to a.b.c.d instead of 127.0.0.1? This is important ...
Regards,
Miroslav Luptak
>
> Hello All,
>
> I'm attempting to connect via SSH port forwarding. Want to allow *_only_*
> tunneled connections via SSH to VNC.
>
> No matter what I try, I cannot get it tightened down to *_only_* tunneled
> connections. The best I can get is tunneled & direct allowed at the same
> time.
>
> >From what I can see, I think that I have the SSH port forwarding set up
> correctly - after all, it works if I connect to 127.0.0.1:1 when I have the
> AllowLoopback registry entry set. But as to the actual cause of the problem
> - I'm stumped. Any suggestions?
>
> Below is what I hope is a complete description of my test environment and
> the results.
> -----------------------------------------------------------------------
> VNC host is a WIN NT server, sp6a, 128bit encryption.
> SSHd is Brandon Zehm's sshd1 for WinNT.
>
> Client is a WIN NT workstation, sp6a, 128bit encryption.
> SSH client is the ttssh extension to Tera Term
>
> I have established an SSH connection and set up the port forwarding:
> 5901:a.b.c.d:5900 (ie: I am forwarding calls to port 5901 from my client to
> port 5900 on the server with ip address a.b.c.d). In Tera Term the
> formatting of establishing this is different than shown here, but this is
> the effect.
>
> The actual fields in the TTSSH port forwarding window -
> Forward local port: 5901
> to remote machine: a.b.c.d
> port: 5900
>
> If I create and set the HKLM\software\orl\winvnc3 Dword key AllowLoopback to
> 1, I can connect by specifying 127.0.0.1:1 or 127.0.0.1:5901 in the
> connection details screen of the VNCviewer application. However I can at
> this stage still connect directly by specifying a.b.c.d only.
>
> Attempting to tighten it down, I implement the LoopbackOnly Dword key (same
> path), setting it to 1 as well. At this stage I invariably get the message:
> "A program on the local machine attempted to connect to a forwarded port.
> The forwarding request was denied by the server. The connection has been
> closed."
>
> Setting the LoopbackOnly key back to 0 gives me tunnel access again. Note:
> at each stage I have to restart the VNC server - it does not dynamically
> read the registry settings for each connection attempt, so whenever I play
> with them I need to do a stop and start of the VNC program.
>
> A full table of my test results:
> AL LO tunnel direct
> 0 0 disabled pass
> 0 1 denied fail
> 1 0 pass pass
> 1 1 denied fail
> - 1 denied fail
> 1 - pass pass
>
> An explanation of the results:
> AL - AllowLoopback
> LO - LoopbackOnly
> disabled - a message from VNC (presumably from the server): "Local Loopback
> Connections are disabled."
> denied - message from Tera Term: "A program on the local machine attempted
> to connect to a forwarded port. The forwarding request was denied by the
> server. The connection has been closed."
> fail - message back from VNCviewer application: "Failed to connect to
> server."
> pass - it connects (asks for session password)
> A "-" is where I completely deleted the key from the registry (grasping at
> straws time).
>
> Rgds,
> Dave.
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
