Citrix Systems 6.2.0 manual Firewall Settings, To Open the VNC Port on Sles 10.x VMs Firewall


service vnc1
{
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = nobody
    server      = /usr/X11R6/bin/Xvnc
    server_args = :42 -inetd -once -query localhost -geometry 1024x768 -depth 16
    type        = UNLISTED
    port        = 5901
}

2. Edit the port line to read:

port = 5900

3. Save and close the file.

4. Restart the display manager and xinetd service with the following commands:

/etc/init.d/xinetd restart
rcxdm restart

SUSE Linux uses runlevel 5 for graphical startup. If your remote desktop does not appear, verify that your VM is configured to start up in runlevel 5. Refer to Section D.4, “Checking Runlevels” for details.

D.3.4. Firewall Settings

By default, the firewall configuration does not allow VNC traffic through. If you have a firewall between the VM and XenCenter, you need to allow traffic over the port that the VNC connection uses. By default, a VNC server listens for connections from a VNC viewer on TCP port 5900 + n, where n is the display number (usually just zero). A VNC server set up for Display-0 therefore listens on TCP port 5900, one set up for Display-1 listens on TCP port 5901, and so on. Consult your firewall documentation to make sure these ports are open.

You might want to further customize your firewall configuration if you want to use IP connection tracking or limit the initiation of connections to be from one side only.

To Open the VNC Port on SLES 10.x VMs' Firewall

1. Open a text console on the VM and run the YaST utility:

yast

2. Use the arrow keys to select Security and Users in the left menu, then Tab to the right menu and use the arrow keys to select Firewall. Press Enter.

3. In the Firewall screen, use the arrow keys to select Allowed Services in the left menu.

4. Tab to the Firewall Configuration: Allowed Services fields on the right. Use the arrow keys to select the Advanced button (near the bottom right, just above the Next button) and press Enter.

5. In the Additional Allowed Ports screen, enter 5900 in the TCP Ports field. Tab to the OK button and press Enter.

6. Tab to the Next button and press Enter, then in the Summary screen Tab to the Accept button and press Enter, and finally on the top-level YaST screen Tab to the Quit button and press Enter.

7. Restart the display manager and xinetd service with the following commands:

/etc/init.d/xinetd restart
rcxdm restart

Alternatively, you can disable the firewall until the next reboot by running the rcSuSEfirewall2 stop command, or permanently by using YaST. This can of course expose additional services to the outside world and reduce the overall security of your VM.
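
To confirm that the port set in the xinetd service entry and the port opened in the firewall agree, without disabling the firewall, the following check can be used. It is an added example, not part of the Citrix manual. It assumes that YaST stores the Additional Allowed Ports in the FW_SERVICES_EXT_TCP variable of the SuSEfirewall2 sysconfig file; the function names and the sample files are constructed for illustration, and the real file paths are passed in as arguments.

```shell
# Added example: compare the Xvnc ports served by xinetd with the TCP ports
# that the firewall configuration allows. Both files are given as arguments.

# Print the port of every enabled xinetd stanza whose server is Xvnc.
xinetd_vnc_ports() {
    awk '
        /^[ \t]*service[ \t]/            { port = ""; vnc = 0; off = 0 }
        /^[ \t]*server[ \t]*=.*Xvnc/     { vnc = 1 }
        /^[ \t]*disable[ \t]*=[ \t]*yes/ { off = 1 }
        /^[ \t]*port[ \t]*=/             { sub(/^[^=]*=[ \t]*/, ""); port = $1 }
        $1 == "}"                        { if (vnc && !off && port != "") print port }
    ' "$1"
}

# Print the value of FW_SERVICES_EXT_TCP (assumed variable name, see lead-in).
fw_allowed_tcp() {
    awk -F= '$1 == "FW_SERVICES_EXT_TCP" { gsub(/"/, "", $2); print $2 }' "$1"
}

# Succeed if port $1 matches an entry of list $2 (single ports or lo:hi ranges).
port_allowed() {
    for entry in $2; do
        case $entry in
            *:*) [ "$1" -ge "${entry%%:*}" ] 2>/dev/null &&
                 [ "$1" -le "${entry##*:}" ] 2>/dev/null && return 0 ;;
            "$1") return 0 ;;
        esac
    done
    return 1
}

# Report each VNC port as OK or BLOCKED; return 1 if any port is blocked.
check_vnc_firewall() {
    allowed=$(fw_allowed_tcp "$2"); blocked=0
    for p in $(xinetd_vnc_ports "$1"); do
        if port_allowed "$p" "$allowed"; then
            echo "OK      tcp/$p (viewer display $((p - 5900)))"
        else
            echo "BLOCKED tcp/$p (viewer display $((p - 5900)))"; blocked=1
        fi
    done
    return $blocked
}

# Constructed sample input, not taken from a real system.
demo=$(mktemp -d)
printf 'service vnc1\n{\n  server = /usr/X11R6/bin/Xvnc\n  type = UNLISTED\n  port = 5900\n}\nservice vnc2\n{\n  server = /usr/X11R6/bin/Xvnc\n  port = 5902\n}\n' > "$demo/xinetd"
printf 'FW_SERVICES_EXT_TCP="ssh 5900"\n' > "$demo/fw"
check_vnc_firewall "$demo/xinetd" "$demo/fw" || echo "firewall blocks at least one VNC port"
```

A BLOCKED line means the viewer cannot reach that display until the port is added in the Additional Allowed Ports screen; opening only the ports that are reported keeps the rest of the firewall policy in place.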
