Scenario: Computer A is a workstation running Mageia 4. Computer B is a laptop running OpenSUSE 13.2.
Computer A has sshd running and port 22 is exposed through a router to the internet (the WAN). Of course, sshd is also exposed through the LAN.
Computer A is also running x11vnc without a password, watching port 5900. Port 5900 is firewalled off on the workstation and on the router; it is only available locally.
Computer B has a wireless connection to the same LAN that A is on. B can make a normal ssh connection (for a terminal session) with A using A's LAN address. B can also make a normal ssh connection with A from the LAN or from remote locations, using the WAN address. X forwarding is enabled and is working.
Thus, connectivity with ssh seems to be working correctly.
B then attempts to establish an ssh tunnel to A. When B accesses A using A's LAN IP, the tunnel works.
Syntax: ssh -f -l jiml 192.168.0.2 -L 5900:192.168.0.2:5900 -N
Doing it this way results in a vnc session forwarded to computer B enabling remote control of computer A.
When B accesses A using the WAN address, the ssh tunnel connection is made and both B and A agree this has happened. However, x11vnc on A never sees a connection from the client (krdc) on B and no data is passed.
Syntax: ssh -f -l jiml WAN.IP.addr -L 5900:WAN.IP.addr:5900 -N
I am baffled by this. I reiterate; B can access A for an ssh terminal session from anywhere. Via the LAN, a tunnel session works fine. Via the WAN, the tunnel is apparently established, but no data passes. How can this be? Anyone have any ideas?