did a quick study on X11 over firewall, and find two ways to do so
.
1. X11
forwarding . Need to ensure SSH server by default/configured to support X11
forwarding on various unix-like platform.
2. Open
port number 6000 to our laptop (using static ip ) that running
x-server. Network team has to open this port on all servers to those
laptops needs to run x-window.
The
followings links may help .
http://forums.vandyke.com/showthread.php?t=322
Tested that in order to run X11 application from UNIX server to our PC, we need to open TCP port number 6000 only .
Tested that in order to run X11 application from UNIX server to our PC, we need to open TCP port number 6000 only .
i.e. The source ip is the unix server where we
invoke xclock.
The destination ip is our PC, e.g.
10.84.100.24
Port number: TCP 6000
"Yes, in a nut shell. If you can connect via SSH, and your SSH server on the Unix side allows X11 port forwarding, then you can tunnel the X display back to your PC. NAT does matter in this case, since you are already connected.
Be sure *not* to set your DISPLAY variable after logon to the target server, and allow SSH to do it for you."
http://www.cyberciti.biz/tips/iptables-block-remote-x-window-server-connection.html
Similarly, using openssh SSH in cygwin, needs to export DISPALY before invoke ssh command. e.g.
$ export DISPLAY=localhost:0
liqy@MP04ISLLIQY ~
$ ssh -X -l oracle dev07
Otherwise, may encounter below error.
dev07:B.11:TESTDB:/software/oracle> xclock
connect /tmp/.X11-unix/X0: No such file or directory
X connection to 10.132.90.1:11.0 broken (explicit kill or server shutdown).
Here are two sessions logon to same server 10.132.90.1 , note that the value of DISPLAY set by X11 forwarding are different: 10.132.90.1:10.0 and 10.132.90.1:12.0
