If you prefer to run sessions without ssh encryption and you have default values for the configuration parameters of your NX Server installation, a generic client that wants to connect from the WAN must be able to access, in addition to port 22, TCP ports in the range [5000-5200].

I'll explain why: selecting 'SSL encryption' forces NX Client to use the same (encrypted) channel created during the authentication phase to tunnel all the X traffic. If 'SSL encryption' is not enabled NX Client uses a ssh channel just for authentication purposes and, after a successfull authentication has took place, the client reconnects to a display in the range starting at 'DISPLAY_BASE' upto the value ('DISPLAY_BASE' + 'DISPLAY_LIMIT').

These parameters default to the values "1000" and "200" respectively; if you want you can take a look at your server configuration file (usually '/usr/NX/etc/node.conf') and tune them to fit your needs.

TCP port numbers are obtained by adding the value "4000" to the display numbers.

Regards,

Fabio Rosati - NoMachine
www.nomachine.com
NoMachine, Italy