[OpenAFS] Unable to authenticate from remote linux PC

Francisco Yumiceva yumiceva@sc.edu
14 Jan 2003 15:13:19 -0500 

Hi,

The firewall people from my university claims that all the ports that I
need for afs are opened but I still cannot get a token from any computer
outside my university (from home and from other institutions).

The firewall also don't allow to ping IPs in any direction. Can this
rule be a problem? I remember to see some change about the fileserver to
use pings to allocate threats.

How can I trace down my problem? Is there some log file that I can check
to get more clues.

Thanks,
Francisco

> I meant "remote linux PCs".
> 
> > When you say "remote PC" are you coming from a remote Unix machine or a PC
> > running Windows?  If it's the latter, you will also need to open up port
> > 88 UDP if you're using the Windows NT/2000/XP client, and port 750 UDP if
> > you're running the Windows 9x client.  (These are Kerberos ports.)
> 
> The log file has messages like this:
> 
> Jan 13 17:32:29 localhost kernel: afs: Lost contact with volume location
> server
> 129.252.78.77 in cell hep.sc.edu
> 
> The ports seems to be open so I don't know what is the problem.
> 
> Francisco
> 
> > On Mon, Jan 13, 2003 at 06:32:58PM -0500, Francisco Yumiceva wrote:
> > > Hi,
> > > 
> > > I can see from outside the university (from home) these ports:
> > > 
> > > 7000/udp   open        afs3-fileserver         
> > > 7001/udp   open        afs3-callback           
> > > 7002/udp   open        afs3-prserver           
> > > 7003/udp   open        afs3-vlserver           
> > > 7004/udp   open        afs3-kaserver           
> > > 7005/udp   open        afs3-volser             
> > > 7007/udp   open        afs3-bos              
> > > 
> > > 1024/udp   open        unknown                 
> > > 1025/udp   open                       
> > > 1028/udp   open        ms-lsa                  
> > > 1030/udp   open        iad1                    
> > > 1031/udp   open        iad2                    
> > > 1032/udp   open             
> > > ... and more ports...
> > > 
> > > so why I still get:
> > > Unable to authenticate to AFS because Authentication Server was
> > > unavailable.
> > > 
> > > What is wrong?
> > > 
> > > Francisco
-- 
_________________________________________________
Francisco Yumiceva
High Energy Group - Dept. of Physics & Astronomy
University of South Carolina
phone: 803.7771438    

http://www.slac.stanford.edu/~yumiceva
_________________________________________________