Forum OpenACS Q&A: Using X from behind a NAT router

Posted by Janine Ohmer on
This is somewhat off-topic here, but this is the most knowledgeable group I know.  Hopefully someone will know the answer to this...

We have a T1 here in the office, so my computer is on an internal LAN behind a NAT router.  I have a dynamically assigned IP address.

I've just installed XDarwin (*yea*) and want to be able to run Tora on one of our servers and route the display back here.  Unfortunately, I can't figure out how to do it.

I know the name and IP address the router presents to the outside world, but that doesn't give enough information to route traffic through to my computer.  I've tried a few variations of router name + my system name, but nothing has worked.

Any suggestions?

Posted by Jeff Davis on
If you set up ssh properly you should be able to just run it
via the ssh connection and the tunnelling will be handled for you (and ssh will even set the DISPLAY variable for you).
I could not tell you all the things to set though.
Posted by Jun Yamog on
Hi Janine,

I am unsure of what kind of router you use.  But I was able to use Cisco IOS, ipchains + port forward or iptables.  What I did was to have the router listen to 6000 then foward this to my PC on the internal network.  Then on the remote server tell that your X server is the router.

Or better yet use SSH tunneling.  See -L or -R options.  Or just edit the sshd config of the remote server to allow X11 forwarding.

Posted by Jon Griffin on

Jeff is correct. I use ssh forwarded X all the time (although it will remind you of dial up speeds.)

Make sure you have in your sshd xforwarding set to on and also the one about terminals ( I forgot the name).

I believe that the default is not to forward X. Also, make sure your router forwards the ports correctly (I don't remember the numbers (although they are easy to find).

Posted by Janine Ohmer on
It works!!!

For the record, here's what I did:

  • On the local system, create/edit $HOME/.ssh/config and add "ForwardX11 yes"
  • From the X desktop, ssh to the remote server
  • Run the X application on the remote server from the ssh instance
And it just works! I didn't enable anything about terminals and I haven't missed it yet, but that might be needed for something this application doesn't do. Thanks, guys!
Posted by Allen Iverson on
One more tip: make sure your sshd on your remote machine is configured to only accept protocol version 2 (the Protocol line in your /etc/ssh/sshd_config).  I was enabling both versions 1 and 2 and was unable to do X forwarding.  But when I cut it back to only version 2, it magically started working.
Posted by James Thornton on
I frequently work on remote Internet servers via ssh. If you fire up emacs 21 in X windows mode on a remote Internet server, the lag will drive you crazy. emacs 20.7 works great though.