«

In article <49c6d611$0$16164$>, usenet21
@etiqa.co.uk says...
> Leythos wrote:
> > I have client that sits behind a real firewall, not a cheap nat router,
> > and the vendor for the app they use build a Ultra VNC connection into
> > it.
> >
> > When the local company starts the help service, it shows the 50+ remote
> > support connections, but, I can't seem to find a way for the remote
> > support people to connect back into the workstation with UVNC listening.
> >
> > There is no way to map individual IPort to LAN IPort as the stations
> > are all DHCP assigned....
> >
> > Anyone doing this that might have an idea?
>
> Maybe you could afford to use TeamViewer. If you're supporting more than
> 10 people you should be able to. Don't try it on the cheep you never get
> respect, if they pay for it they value it.
>
> It'll be a nightmare trying to configure every VNC client to tunnel
> through different ports on a firewall, much easier and less stressful to
> use a brokered connection though a port that is always open (HTTP or HTTPS)

Again, this is not my choice - the software vendor told the customer
that their UVNC solution allows them (customer) to start a session,
connect to the Providers list, and then the provider can back into the
customers computers to provide support.

They are unable to tell me what ports/connections need made in the
firewall and unless this was a normal VNC port mapping, I can't see the
working as they have stated.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(remove 999 for proper email address)

Leythos wrote:

> In article <49c6d611$0$16164$>, usenet21
> @etiqa.co.uk says...
>> Leythos wrote:
>>> I have client that sits behind a real firewall, not a cheap nat router,
>>> and the vendor for the app they use build a Ultra VNC connection into
>>> it.
>>>
>>> When the local company starts the help service, it shows the 50+ remote
>>> support connections, but, I can't seem to find a way for the remote
>>> support people to connect back into the workstation with UVNC listening.
>>>
>>> There is no way to map individual IPort to LAN IPort as the stations
>>> are all DHCP assigned....
>>>
>>> Anyone doing this that might have an idea?
>>
>> Maybe you could afford to use TeamViewer. If you're supporting more than
>> 10 people you should be able to. Don't try it on the cheep you never get
>> respect, if they pay for it they value it.
>>
>> It'll be a nightmare trying to configure every VNC client to tunnel
>> through different ports on a firewall, much easier and less stressful to
>> use a brokered connection though a port that is always open (HTTP or HTTPS)
>
> Again, this is not my choice - the software vendor told the customer
> that their UVNC solution allows them (customer) to start a session,
> connect to the Providers list, and then the provider can back into the
> customers computers to provide support.
>
> They are unable to tell me what ports/connections need made in the
> firewall and unless this was a normal VNC port mapping, I can't see the
> working as they have stated.

But including remote access support (using VNC) doesn't really preclude
the customer from implementing a different remote access scheme. The
software vendor doesn't even have to install any software (there is a
standalone executable for TeamViewer that doesn't require installation).
If the customer isn't *getting* support by the means the software vendor
provided and support *is* included in the contract then the customer is
still due the support from the vendor. Someone (the customer) isn't
pushing very hard to get the support they paid for.

VanguardLH wrote:
> Leythos wrote:
>
>> In article <49c6d611$0$16164$>, usenet21
>> @etiqa.co.uk says...
>>> Leythos wrote:
>>>> I have client that sits behind a real firewall, not a cheap nat router,
>>>> and the vendor for the app they use build a Ultra VNC connection into
>>>> it.
>>>>
>>>> When the local company starts the help service, it shows the 50+ remote
>>>> support connections, but, I can't seem to find a way for the remote
>>>> support people to connect back into the workstation with UVNC listening.
>>>>
>>>> There is no way to map individual IPort to LAN IPort as the stations
>>>> are all DHCP assigned....
>>>>
>>>> Anyone doing this that might have an idea?
>>> Maybe you could afford to use TeamViewer. If you're supporting more than
>>> 10 people you should be able to. Don't try it on the cheep you never get
>>> respect, if they pay for it they value it.
>>>
>>> It'll be a nightmare trying to configure every VNC client to tunnel
>>> through different ports on a firewall, much easier and less stressful to
>>> use a brokered connection though a port that is always open (HTTP or HTTPS)
>> Again, this is not my choice - the software vendor told the customer
>> that their UVNC solution allows them (customer) to start a session,
>> connect to the Providers list, and then the provider can back into the
>> customers computers to provide support.
>>
>> They are unable to tell me what ports/connections need made in the
>> firewall and unless this was a normal VNC port mapping, I can't see the
>> working as they have stated.
>
> But including remote access support (using VNC) doesn't really preclude
> the customer from implementing a different remote access scheme. The
> software vendor doesn't even have to install any software (there is a
> standalone executable for TeamViewer that doesn't require installation).
> If the customer isn't *getting* support by the means the software vendor
> provided and support *is* included in the contract then the customer is
> still due the support from the vendor. Someone (the customer) isn't
> pushing very hard to get the support they paid for.

What he said ^

I was too scared to cut anything it sounded so good. To be honest, if
you need to tunnel though firewalls it'll be horrible using individual
connections like VNC going to someone outside your private network, even
more so on DHCP you can't even know the IP address to match up.

Tell the vendor to fork out $1,000 (or whatever) for something that
works properly. Either that or get the vendor added to you network
through a VPN tunnel.

Sorry to the OP, I didn't pick up that you were not the vendor until
later posts.

These things are tough, and as I get older I am more inclined to be
tougher on the vendors. They need to supply support, they will do it my
way. If it costs an extra k or two then so be it. If I can do it, then
they can do it. You're in the driving seat here, you tell them what you
want seeing as you're paying the bills (or your client is).

For this kind of support a brokered connection is needed, and one
that'll tunnel through firewalls with little work on your part. Look at
it from a cost-benefit analysis, if your time costs $200/hour and takes
two days to set up you could have something else in place for 1/2 that -
and the vendor picks up the tab

Be assertive! We deserve it.