You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: anothersmurf
anothersmurf Author
User level: Level 1
58 points

Built-in Firewall blocking VNC connections

Running 10.8.5 fully updated on a Mini. In System Preferences/Sharing, Screen Sharing is turned on. In System Preferences/Security, the Firewall is turned on. Clicking on options shows that Screen Sharing access is allowed, right at the top. (A few other apps are listed below it, all set to allow, there are no blocks.) Signed software is automatically allowed to receive connections, and stealth mode is disabled.


I try to connect via screen sharing from another computer. It fails, it just keeps trying and trying but never gets to the login prompt. Eventually I give up and hit Stop.


Go back to the mini, disable the firewall. Screen Sharing now works, logs in very quickly, as expected. If I reenable the firewall, an existiing screen sharing connection continues to work, but if I disconnect, I can't reconnect. (Until I disable the firewall again)


So why is the firewall blocking screen sharing from working, when Screen Sharing is explicly enabled in the firewall...? I would like to have the firewall turned on for security, but I need screen sharing allowed. Is there any way to do this?


This is a recent problem, just the last couple of days. It worked fine with the firewall turned on before. So maybe there's just some new trick that's needed?

Posted on Oct 29, 2013 12:41 PM

Reply
13 replies
User profile for user: pwb503
pwb503
User level: Level 1
6 points

Oct 29, 2013 9:19 PM in response to anothersmurf

I had the same problem and just fixed it.


Here's my fix:


System Preferences -> Security & Privacy -> Firewall

Click on Firewall Options (you may need to click on the lock and type in your password to do this...)

Scroll down and see if you have the app "screensharingd" listed

If so click on it and click the minus button to delete it from the list

Hit OK

System Preferences -> Sharing

Turn off all sharing options

Restart the computer

Once restarted...

System Preferences -> Sharing

Turn on the sharing options you want, specifically either Remote Management or Screen Sharing

Click "yes" or "ok" or "allow" in the dialog box that asks if you should allow incoming connections


That should do it!


I know that a router should provide a firewall so you could turn the OS firewall off, but the problem is that it used to work with the firewall on, (before this fix) it did work with the firewall turned off, and it SHOULD work with the firewall on, regardless of if it's necessary or not...


This fix allows you to keep your firewall on just as it was before.

Reply
User profile for user: pwb503
pwb503
User level: Level 1
6 points

Oct 29, 2013 9:20 PM in response to anothersmurf

I had the same problem and just fixed it.


Here's my fix:


System Preferences -> Security & Privacy -> Firewall

Click on Firewall Options (you may need to click on the lock and type in your password to do this...)

Scroll down and see if you have the app "screensharingd" listed

If so click on it and click the minus button to delete it from the list

Hit OK

System Preferences -> Sharing

Turn off all sharing options

Restart the computer

Once restarted...

System Preferences -> Sharing

Turn on the sharing options you want, specifically either Remote Management or Screen Sharing

Click "yes" or "ok" or "allow" in the dialog box that asks if you should allow incoming connections


That should do it!


I know that a router should provide a firewall so you could turn the OS firewall off, but the problem is that it used to work with the firewall on, (before this fix) it did work with the firewall turned off, and it SHOULD work with the firewall on, regardless of if it's necessary or not...


This fix allows you to keep your firewall on just as it was before.

Reply
User profile for user: BobHarris
BobHarris
User level: Level 9
55,055 points

Oct 30, 2013 6:27 AM in response to anothersmurf

Does VNC even work through a router?

It can if you wish to configure your router to pass port 5900 from the internet to your Mac, but by default, No VNC clients out-side your home cannot connect to your Mac's VNC server through your home router.


Out bound VNC connects to an external VNC server that is visible on the internet can be done through your router, only in-bound connections need special router configuration.

Reply
User profile for user: anothersmurf
anothersmurf Author
User level: Level 1
58 points

Oct 30, 2013 1:52 PM in response to pwb503

That works, but only temporarily. If after doing that, you restart the computer (some days later, say), VPN will go back to not working until the fix is reapplied.


What seems to happen is, on restart, if the firewall is enabled, remote access is changed to deny. Bizarrely, even if you open up Firewall and change it to Allow, the change doesn't take. That's got to be a bug (and not an attempt by Apple to make people go out and buy routers). So hopefully it'll get fixed someday...

Reply
User profile for user: Mandesk
Mandesk
User level: Level 1
0 points

Nov 17, 2013 6:57 AM in response to anothersmurf

I have been having the same issues, after I updated remote services to 3.7, only way to mange remote Mac from Windows was by turning off Firewall. This had worked fine up to then.


Now that I have finally been able to update to Mavericks, it is all working fine again....but I would like to reboot and try again. Will post back here one way or another....

Reply

Built-in Firewall blocking VNC connections

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up