Results 1 to 7 of 7

Thread: TightVNC expert firewall settings with outbound lockdown

  1. #1
    jamesbourne Guest

    Default TightVNC expert firewall settings with outbound lockdown



    We are having problems getting Tight VNC to work through the ZoneAlarm pro firewall.

    We have no problems with other firewall products - simply open up port 5900 for inbound packets from specific set of IP addresses on our network.

    We usually lock down outbound ports as well but have not had to open up any outbound ports in order for Tight VNC to work on other firewalls.

    However, with ZoneAlarm we have to open outbound ports in order for TightVNC to work - cannot specify a range of ports in ZoneAlarm pro so it is difficult to pin down which TCP port is responsible, so we end up having to open all TCP outbound ports to our network addresses which for security we do not want to do.

    Any idea what is going on ?

    Is there a specific port or setting that needs opening in ZoneAlarm ?

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm Pro
    Software Version:6.0

  2. #2
    ad_hock Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    Hi jamesbourne
    If i'm not wrong you have the option to open ranges of TCP outbond ports. In firewall main click custom and in internet zone check outbond TCP ports and you can enter either ports or range of ports. I don't know well enough the program but if you give it server rights in both trusted and internet it doesn't work?
    Best regards

  3. #3
    jamesbourne Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    Thanks, that's interesting - I usually set things up via the Expert firewall settings and that does not seem to allow port ranges to be specified in rules or groups. I will check this out and see if I can track down the culprit.

  4. #4
    jamesbourne Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    PS - no it does not work with the server settings all switched on for both trusted and internet and also does not work if the requesting network is also in the trusted zone !

  5. #5
    nhoeller Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    I had the same problem where even local HTTP access to TightVNC was failing. I opened up inbound and outbound ports 5800,5900 in ZoneAlarm Pro. The problemchanged - I got a ZoneAlarm pop-up that "Symantec Event Manager Service was blocked from accepting a connection from the local zone (10.1.2.123:Port 2937)". I went into ZoneAlarm and found that Symantec Event Manager Service had been configuredas 'reject' forserver requests from both the Trusted and Internet zones. I changedthe settingn to 'Ask'. When I tried another HTTP request to port 5800, I got: "Symantec Event Manager Service wants to accept connections from the trusted zone' with a recommendation to 'Deny'. I said 'Allow' and was able to connect. I am not sure why ZoneAlarm seems to be concerned about Symantec Event Manager, or why Symantec Event Manager is intercepting the TightVNC connections. I am running Norton SystemWorks 2005.

  6. #6
    jamesbourne Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    If Symantec Event Manager was intercepting TightVNC would this not be the case with ZoneAlarm shutdown anyway ? and therefore ZoneAlarm was not the problem ?

  7. #7
    nhoeller Guest

    Default Re: TightVNC expert firewall settings with outbound lockdown

    I don't think Symantec Event Manager was actually doing anything with the TightVNC traffic, other than passing it on. I was just documenting that inmy case, opening ports 5800/5900 in ZoneAlarm was only the first step.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •