[OpenAFS] please help: Unable to authenticate
Francisco Yumiceva
yumiceva@sc.edu
21 Jan 2003 17:59:13 -0500
Hi,
I am still having problem to get a token from outside my campus.
We have two servers on campus with RH6.2 and RH7.2 running openafs1.2.8.
>From off campus, I get this error when I klog:
klog -c hep.sc.edu
Password:
Unable to authenticate to AFS because Authentication Server was
unavailable.
The firewall campus has all the necessary services open for AFS. This is
what I got with tcpdump from outside (cae.sc.rr.com):
17:04:19.426155 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver: rx ack cid f8a16ed8 call# 2 seq 0
ser 9 secindex 0 serviceid 731 <client-init>,<req-ack> fir 1 0p (65)
(DF) (ttl 64, id 0, len 93)
17:04:19.688565 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver: rx data cid f8a16ed8 call# 2 seq 1
ser 10 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt>
kauth call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 64, id
0, len 104)
17:04:23.430058 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver: rx ack cid f8a16ed8 call# 2 seq 0
ser 11 secindex 0 serviceid 731 <client-init>,<req-ack> fir 1 0p (65)
(DF) (ttl 64, id 0, len 93)
17:04:23.457372 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver: rx data cid f8a16ed8 call# 2 seq 1
ser 12 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt>
kauth call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 64, id
0, len 104)
And this is on the server side:
17:43:53.205824 cae88-121-007.sc.rr.com.32846 >
bender.physics.sc.edu.afs3-kaserver: rx data cid f8a9cf68 call# 1 seq 1
ser 1 secindex 0 serviceid 731 <client-init>,<last-pckt> kauth call
authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 50, id 0, len
104)
17:43:53.206203 bender.physics.sc.edu.afs3-kaserver >
cae88-121-007.sc.rr.com.32846: rx data cid f8a9cf68 call# 1 seq 1 ser 1
secindex 0 serviceid 731 <last-pckt> kauth reply authenticate-v2 (164)
(DF) (ttl 64, id 0, len 192)
17:43:53.347538
>>> NetBeui Packet
Type=0x3 Length=44 (0x2c) Signature=0xEFFF Command=0x8
NetbiosDataGram:
Destination=BERG GROUP NameType=0x1B (Domain Controller)
Source=BERGLAB7 NameType=0x00 (Workstation)
SMB PACKET: SMBtrans (REQUEST)
SMB Command = 0x25
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x18
Flags2 = 0x3
Tree ID = 0 (0x0)
Proc ID = 51966 (0xcafe)
UID = 0 (0x0)
MID = 0 (0x0)
Word Count = 17 (0x11)
TotParamCnt=0 (0x0)
TotDataCnt=
17:43:53.396027 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45
17:43:53.645516 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45
17:43:56.240866 cae88-121-007.sc.rr.com.32846 >
bender.physics.sc.edu.afs3-kaserver: rx data cid f8a9cf68 call# 1 seq 1
ser 2 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt> kauth
call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 50, id 0,
len 104)
17:43:56.240949 bender.physics.sc.edu.afs3-kaserver >
cae88-121-007.sc.rr.com.32846: rx ack cid f8a9cf68 call# 1 seq 1 ser 2
secindex 0 serviceid 731 fir 2 2D (65) (DF) (ttl 64, id 0, len 93)
17:43:56.349408 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45
What can be wrong?
Thanks very much for any clue.
Francisco
--
_________________________________________________
Francisco Yumiceva
High Energy Group - Dept. of Physics & Astronomy
University of South Carolina
phone: 803.7771438
http://www.slac.stanford.edu/~yumiceva
_________________________________________________