Only one VNC socket works: 5901

paulmmluap Posts: 4
First Comment
edited April 2021 in Security

I don't understand why only one VNC socket works for my Linux server. Before I used the USG40 I tested several connections (sockets 5901-5904) and they worked fine. I connected the USG in the following "circuit": Fiber(AT&T), Modem(AT&T), Router (AT&T) with Port forwarding IP to USG40. On USG40 P2 WiFi, P3 Linux Server, P4 PC, P5 NAS (all four on LAN1). It would seem to me your USG40 is stopping the traffic in all but 5901.

All Replies

  • paulmmluap

    It looks like the only port open on my Linux box is 5901. This is odd because I:

    [root@server userid]# firewall-cmd --zone=public --add-port=5900-5910/tcp --permanent


    [root@server userid]# firewall-cmd --list-all



    ports: 5901/tcp



  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,450  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @paulmmluap

    Can you see VNC packets on Lan interface if you connect VNC from Internet?

    For port mapping settings, you also need to create a firewall rule to allow VNC traffic from wan to lan.

    Packet capture CLI: 

    Router> packet-trace interface lanx extension-filter port xxxx

Security Highlight