12-12-2002, 05:29 AM
geekomatic2000

Help - vnc routing error through firewall

Hi All - newbie question

I'm trying to vnc into a win2k box behind a masquerading firewall/router - a snapgear lite (embedded linux device) which I've set up for a small client business. Latest VNC.



The following incoming ports are blocked:

20, 21, 69, 137, 139, 194, 546 currently, and the server's patched up to the max, running AV stuff, and has LANguard's file integrity checker running on it as well as a couple of other bits of security software. I'm going to set up a deny all/allow some policy tomorrow but that's irrelevant.

No outgoing ports are blocked.

I can hit into and configure the firewall's web interface from outside. Let's say its external address is 10.10.10.6. It supports port forwarding. The internal machines are using private addressing - the target server is 192.168.0.1. I've set up an incoming forward of 10.10.10.6:5800 to 192.168.0.1:5800 and the same for 5900.

I enter http://10.10.10.6:5800 and get a VNC authentication dialogue box. Enter the password I set in there and eventually get:

Network Error: no route to server 10.10.10.6

So I'm guessing the problem is outgoing.

The win2k server is on SP2 + various security patches


The routing table on the snapgear router/firewall has the following entry for their network:


Destination    Gateway    Genmask          Metric   Interface
192.168.0.1    0.0.0.0    255.255.255.0    0        eth0

Now intuitively I would expect the gateway to be set to 192.168.0.254 which it is on the win2k server.

I've also tried the vnc client and got "failed to connect to server".

Help!!