Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Proxy for viewer and server problem

Post Reply
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Proxy for viewer and server problem

Post by Iaco »

Viewer --- Proxy + NAT -----+
......................................... |
.........................................+------- :443 Repeater
......................................... |
Server --- Proxy + NAT -----+

In this configuration, I have a problem.
The viewer can connect to Repeater (in Repeater's logs) but not server

Viewer --- Proxy + NAT -----+
......................................... |
......................................... +------- :443
......................................... | :4343 Repeater
Server ------------- NAT -----+
This works !

The socket open on 443 in proxy mod can receive server and viewer ?


HS : how can I change the ssl certificat (I find for SCIII but not for PcHelpWare)
Last edited by Iaco on 2007-05-04 13:55, edited 1 time in total.
YY
200
200
Posts: 996
Joined: 2006-11-13 15:11

Re: Proxy for viewer and server problem

Post by YY »

Iaco wrote: Viewer --- Proxy + NAT -----+
......................................... |
......................................... +------- :443 Repeater
......................................... |
Server ------------- NAT -----+
This works !
This is unlikely to be worked.
If you didn't had a proxy at the server pc, PHW will not use https repeater connection, and simply switch back to normal repeater connection.

If a connection is able to be established, you can verify again to see if the outbound connection are really using port 443 ( or just normal repeater connection).

how can I change the ssl certificat for SCIII
See this post: [topic=7834][/topic]
Last edited by YY on 2007-05-07 05:46, edited 1 time in total.
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

Sorry but you don't quote my words correctly ... and you don't answer me.
This is unlikely to be worked.
If you didn't had a proxy at the server pc, PHW will not use https repeater connection, and simply switch back to normal repeater connection.

If a connection is able to be established, you can verify again to see if the outbound connection are really using port 443 ( or just normal repeater connection).
I know that ... that's why I use 4343 as server socket ... I can't use Viewer and server in proxy mod at same time.

how can I change the ssl certificat for SCIII
Not for SCIII, for PHW. Same issue ?
Last edited by Iaco on 2007-05-07 07:48, edited 1 time in total.
bevtech
800
800
Posts: 2168
Joined: 2005-08-03 14:07
Location: Pennsylvania, United States

Re: Proxy for viewer and server problem

Post by bevtech »

The encryption in pchelpware is hard coded and can not be changed..:(
Bevtech

Windows XP Home, Pro SP2, Windows 2003 SBS server SP2(EN), Windows Media Center Editon 2005,Windows Vista Home Prem.,Fedora Core 6,Win9X, PChelpware Rel 1.0,
UVNC V 1.0.8.2

User not developer..;)
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

The encryption in pchelpware is hard coded and can not be changed..Sad
Thx
Arfff ...
I've got a firewall with applicative analyse which analyze SSL negociations and block the non valid certificate or over traffic (for example I can't use ssh instaed of https on 443) :s I hope that work at all :|








The socket open on 443 in proxy mod (Repeater) can receive server and viewer at same time ?
YY
200
200
Posts: 996
Joined: 2006-11-13 15:11

Re: Proxy for viewer and server problem

Post by YY »

Sorry Iaco. I misconstrued the "4343" in your message be mistyping of "443".

Regarding: "The socket open on 443 in proxy mod (Repeater) can receive server and viewer at same time ?"
Yes. I test with my repeater, and check the firewall log. The repeater communicates with both sides (viewer & server) at 443 when connection established.
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

Ok thanks. :wink:

I suppose I miss a parameter. I test again this days
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

Doesn't works :(

Can you send to me screenshoots of your config (repeater and viewer) ?


In my case, the server return :
(...)
- Connect repeater success
- Setting up encryption
- Waiting for Viewer
and the viewer :
(...)
- Start Encryption, waiting server
but in repeater's log there are nothing after the serie of "listen() succeded"
bevtech
800
800
Posts: 2168
Joined: 2005-08-03 14:07
Location: Pennsylvania, United States

Re: Proxy for viewer and server problem

Post by bevtech »

if your firewall checks for valid certificates or major packet inspecting then it may not work...:(
Bevtech

Windows XP Home, Pro SP2, Windows 2003 SBS server SP2(EN), Windows Media Center Editon 2005,Windows Vista Home Prem.,Fedora Core 6,Win9X, PChelpware Rel 1.0,
UVNC V 1.0.8.2

User not developer..;)
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

For my tests, firewall's administrators disconnect this feature. They autorize me to use 443 as I wish :wink:
I have anticipated this problem :D
YY
200
200
Posts: 996
Joined: 2006-11-13 15:11

Re: Proxy for viewer and server problem

Post by YY »

Iaco wrote:Can you send to me screenshoots of your config (repeater and viewer) ?
1. Viewer PC, IP: 192.168.1.21, with a proxy running at the same machine.
Image
Message when connection established:
[none]
relay_method=HTTP[3]
relay_host=192.168.1.21 (** proxy running at the same machine **)
relay_port=6588 (** proxy port **)
relay_user=yy
local_type=socket
local_port=1111
dest_host=192.168.1.41 (** repeater IP)
dest_port=443
not matched, addr to SOC.....
connecting to 192.168.1.21:.....
begin_http_replay[]
connected, start user session
connected
start relaying
Start Encryption, waiting server
Encryption setup complete


2. Repeater pc, IP: 192.168.1.41
Image
Log when connection established:
socket() initialized
bind() succeded to port 5901
listen() succeded
socket() initialized
bind() succeded to port 5500
socket() initialized
bind() succeded to port 443
socket() initialized
bind() succeded to port 5912
listen() succeded
listen() succeded
listen() succeded

Server added to list 7321
Viewer added to list 7321


3. Server pc, IP: 192.168.1.31; with a proxy running at the same machine.
Message (Info Box) when connected:
Start
(none)
replay_method=HTTP[3]
replay_host=192.168.1.31 (** ** proxy running at the same machine **)
relay_port=6588 (** proxy port **)
relay_user=yy
local_type=socket
local_port=1111
dest_host=192.168.1.41 (** repeater **)
dest_port=443
not matched, addr to be SOCKSified: 192.168.1.41
connecting to 192.168.1.31:6588
begin_http_relay()
connected, start user session
connected
start relaying
Proxy tunneling OK
192.168.1.41
ID:7321
Setting up encryption
Waiting for Viewer
Public key received..
Sending contra key..
Encryption initialized
Server require password
Sending hostname and cpu info
Sending PCH version
Receive password
Password verified
Receive quality settings
YY
200
200
Posts: 996
Joined: 2006-11-13 15:11

Re: Proxy for viewer and server problem

Post by YY »

Iaco wrote:In my case, the server return :
(...)
- Connect repeater success
- Setting up encryption
- Waiting for Viewer
Your server just used the normal repeater connection (not https).

Do you have the proxy setting entered at the Internet Option?
Or Does your network use a transparent proxy?
Iaco
8
8
Posts: 9
Joined: 2007-05-04 13:16
Location: France

Re: Proxy for viewer and server problem

Post by Iaco »

(the proxy setting entered at the Internet Option)

Ok Thx a lot for your help :)
Post Reply