sean bhola a écrit :
I need to connect to my PC at work from home. The firewall at work has only ports 80 (http) and 443 (https) open, I also think there is a proxy. I was wondering which scenario would work.
A general problem here is that you can't reach your machine at work because of the firewall + proxy: the only solution is to have the machine at work connect to the machine at home, and create a reverse tunnel. That's perfectly possible but inconvenient (for one, you can't control the machine at work to create or re-create the tunnel if it breaks).
You can do that with either stunnel or ssh.
1: To encapsulate vnc traffic within ssl using stunnel and pass it though port 443, OR
This should work fine: run stunnel at home listening on 443, and, from work, connect through the proxy (you'll probably need something like corkscrew).
2: To encapsulate vnc traffic within ssl using stunnel, then encapsulate that within http using httptunnel and pass through port 80
Probably won't go through the proxy -- proxys tend to try and understand the traffic that's going through them. I may be wrong thought, there are many different kind of proxys out there.
OR3: To encapsulate vnc traffic within http, then encapsulate that within ssl using stunnel and pass through port 443
Should work, but it's just the same as number 1 with http encapsulation, which you don't need. Once you're carrying SSL through the proxy/firewall, it makes no difference what's in that SSL (http or VNC), as the proxy can't see it anyways.
Y.