Help - vnc routing error through firewall

Hi All - newbie question sorry about being OT

I'm trying to vnc into a win2k box behind a masquerading firewall/router - a snapgear lite (embedded linux device) which I've set up for a small client business. Latest VNC.

The following incoming ports are blocked:

20, 21, 69, 137, 139, 194, 546 currently and the server's patched up to the max running AV stuff and has languard's file integrity checker running on it as well as a couple of other bits of security software. I'm going to setup a deny all/allow some policy tommorow but that's irrelevant.

No outgoing ports are blocked.

I can hit into and configure the firewall's web interface from outside. Let's say its external address is 10.10.10.6 It supports port forwarding. The internal machines are using private addressing - the target server is 192.168.0.1 I've set up an incoming forward of 10.10.10.6:5800 to 192.168.0.1:5900

I enter http://10.10.10.6:5800 and get a VNC authentication dialogue box. Enter the password I set in their and eventually get:

Network Error: no route to server 10.10.10.6 So I'm guessing the problem is outgoing.

The win2k server is on SP2 + various security patches

The routing table on the snapgear router/firewall has the following entry for their network:

Destination Gateway Genmask Metric Interface
192.168.0.90 0.0.0.0 255.255.255.0 0 eth0

Now intuitively I would expect the gateway to be set to 192.168.0.254 which it is on the win2k server.

Help!!

_____________________________________________________________
Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus

--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.