Search code examples
unixvpnxming

Using Xming X Window Server over a VPN


I have the Xming X Window Server installed on a laptop running Windows XP to connect to some UNIX development servers.

It works fine when I connect directly to the company network in the office. However, it does not work when I connect to the network remotely over a VPN.

When I start Xming when connected remotely none of my terminal Windows are displayed.

I think it may have something to do with the DISPLAY environment variable not being set correctly to the IP address of the laptop when it is connected.

I've noticed that when I do an ipconfig whilst connected remotely that my laptop has two IP addresses, the one assigned to it from the company network and the local IP address I've set up for it on my "local network" from my modem/router.

Are there some configuration changes I need to make in Xming to support its use through the VPN?


Solution

  • Chances are it's either X authentication, the X server binding to an interface, or your DISPLAY variable. I don't use Xming myself but there are some general phenomenon to check for. One test you can do to manually verify the DISPLAY variable is correct is:

    1. Start your VPN. Run ipconfig to be sure you have the two IP addresses you mentioned (your local IP and your VPN IP).
    2. Start Xming. Run 'netstat -n' to see how it's binding to the interface. You should see something that either says localIP:6000 or VPNIP:6000. It may not be 6000 but chances are it will be something like that. If there's no VPNIP:6000 it may be binding only to your localIP or even 127.0.0.1. That will probably not work over the VPN. Check if there are some Xming settings to make it bind to other or all interfaces.
    3. If you see VPNIP:6000 or something similar, take note of what it says and remote shell into your UNIX host (hopefully something like ssh, if not whatever you have to get a text terminal).
    4. On the UNIX terminal type 'echo $DISPLAY'. If there is nothing displayed try 'export DISPLAY=VPNIP:0.0' where VPNIP is your VPN IP address and 0.0 is the port you saw in step 3 minus 6000 with .0 at the end (i.e. 6000 = 0.0, 6010 = 10.0).
    5. On the UNIX host run something like 'xclock' or 'xterm' to see if it runs. The error message should be informative. It will tell you that it either couldn't connect to the host (a connectivity problem) or authentication failed (you'll need to coordinate Xauth on your host and local machine or Xhosts on your local machine).

    Opening Xhosts (with + for all hosts or something similar) isn't too bad if you have a locally protected network and you're going over a VPN. Hopefully this will get you started tracking down the problem. Another option that is often useful as it works over a VPN or simple ssh connectivity is ssh tunneling or X11 forwarding over ssh. This simulates connectivity to the X server on your local box by redirecting a port on your UNIX host to the local port on your X server box. Your display will typically be something like localhost:10.0 for the local 6010 port.

    X can be ornery to set up but it usually works great once you get the hang of it.