[OpenAFS] aklog with NAT

Ryan Underwood nemesis-lists@icequake.net
Sun, 05 Jan 2003 10:33:22 +0000


Hi,

Apologies in advance for the probably stupid nature of this question.
I have a client on NAT with a private IP of 192.168.x.x and a NAT router
with a public IP.  The OpenAFS server is on a public IP somewhere else.

I read through related messages on the list and it seems that AFS should
not have a problem with this setup as long as I make sure UDP 7001 isn't
getting timed out too soon.  However, I can't get that far.  I kinit and
then aklog, and aklog says:

aklog: Incorrect net address while getting AFS tickets

Sooo... any ideas? :)  I'm assuming this is related to the NAT; e.g., the
kerberos ticket is issued with an IP address of the public IP on the router's
external interface, and then aklog looks at the ticket, sees that it doesn't
match the internal machine that i'm sitting at, and quits.

-- 
Ryan Underwood, <nemesis at icequake.net>, icq=10317253