Re: [m0n0wall] I am having a time getting m0n0wall to pass vnc to the nat side

From:	"Aaron Cherman" <aaronc at morad dot ab dot ca>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] I am having a time getting m0n0wall to pass vnc to the nat side
Date:	Sun, 4 Feb 2007 19:02:45 -0700

>I am having a time trying to get m0n0wall to pass vnc traffic to
> 10.1.1.92port 5900 I can sit on the lan side on a switch and log in if
> I am set to
> 10.1.1.143 But I can not come in through the wan interface ip 68.191.96.57
> can some one help me with the config. I have to have it done tonight so I
> can get into my computer here at the house.

Pretty easy to set up - I have a number of these coming into our network.

First, you need to set up an Inbound NAT entry.  You will use the TCP 
protocol and set the "External port range" to 5900 (from and to).  The NAT 
IP will be your inside host - 10.1.1.92.  Local port will also be 5900. 
Then you need to add a firewall rule to allow traffic in - the easy way to 
do this is check the box at the bottom of the page where you create the 
Inbound NAT entry - "Auto-add a firewall rule to permit traffic through this 
NAT rule".  This will add a firewall rule that will allow traffic into the 
WAN interface that is destined for your local host (inside IP).


Aaron