[OpenAFS] please help: Unable to authenticate

Francisco Yumiceva yumiceva@sc.edu
21 Jan 2003 17:59:13 -0500 

Hi,

I am still having problem to get a token from outside my campus.

We have two servers on campus with RH6.2 and RH7.2 running openafs1.2.8.
>From off campus, I get this error when I klog:

klog -c hep.sc.edu
Password:
Unable to authenticate to AFS because Authentication Server was
unavailable.

The firewall campus has all the necessary services open for AFS. This is
what I got with tcpdump from outside (cae.sc.rr.com):

17:04:19.426155 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver:  rx ack cid f8a16ed8 call# 2 seq 0
ser 9 secindex 0 serviceid 731 <client-init>,<req-ack> fir 1 0p (65)
(DF) (ttl 64, id 0, len 93)
17:04:19.688565 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver:  rx data cid f8a16ed8 call# 2 seq 1
ser 10 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt>
kauth call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 64, id
0, len 104)

17:04:23.430058 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver:  rx ack cid f8a16ed8 call# 2 seq 0
ser 11 secindex 0 serviceid 731 <client-init>,<req-ack> fir 1 0p (65)
(DF) (ttl 64, id 0, len 93)
17:04:23.457372 cae.sc.rr.com.32844 >
bender.physics.sc.edu.afs3-kaserver:  rx data cid f8a16ed8 call# 2 seq 1
ser 12 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt>
kauth call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 64, id
0, len 104)

And this is on the server side:
17:43:53.205824 cae88-121-007.sc.rr.com.32846 >
bender.physics.sc.edu.afs3-kaserver:  rx data cid f8a9cf68 call# 1 seq 1
ser 1 secindex 0 serviceid 731 <client-init>,<last-pckt> kauth call
authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 50, id 0, len
104)
17:43:53.206203 bender.physics.sc.edu.afs3-kaserver >
cae88-121-007.sc.rr.com.32846:  rx data cid f8a9cf68 call# 1 seq 1 ser 1
secindex 0 serviceid 731 <last-pckt> kauth reply authenticate-v2 (164)
(DF) (ttl 64, id 0, len 192)
17:43:53.347538 
>>> NetBeui Packet
Type=0x3 Length=44 (0x2c) Signature=0xEFFF Command=0x8
NetbiosDataGram:
Destination=BERG GROUP      NameType=0x1B (Domain Controller)
Source=BERGLAB7        NameType=0x00 (Workstation)

SMB PACKET: SMBtrans (REQUEST)
SMB Command   =  0x25
Error class   =  0x0
Error code    =  0 (0x0)
Flags1        =  0x18
Flags2        =  0x3
Tree ID       =  0 (0x0)
Proc ID       =  51966 (0xcafe)
UID           =  0 (0x0)
MID           =  0 (0x0)
Word Count    =  17 (0x11)
TotParamCnt=0 (0x0) 
TotDataCnt=


17:43:53.396027 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45
17:43:53.645516 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45

17:43:56.240866 cae88-121-007.sc.rr.com.32846 >
bender.physics.sc.edu.afs3-kaserver:  rx data cid f8a9cf68 call# 1 seq 1
ser 2 secindex 0 serviceid 731 <client-init>,<req-ack>,<last-pckt> kauth
call authenticate-v2 principal "yumiceva" "" (76) (DF) (ttl 50, id 0,
len 104)
17:43:56.240949 bender.physics.sc.edu.afs3-kaserver >
cae88-121-007.sc.rr.com.32846:  rx ack cid f8a9cf68 call# 1 seq 1 ser 2
secindex 0 serviceid 731 fir 2 2D (65) (DF) (ttl 64, id 0, len 93)
17:43:56.349408 81fc4b00.00:a0:d2:1d:a0:a5.4fe0 >
2090001.00:60:b0:cb:1c:3c.900f: ipx-#900f 45


What can be wrong?
Thanks very much for any clue.

Francisco
-- 
_________________________________________________
Francisco Yumiceva
High Energy Group - Dept. of Physics & Astronomy
University of South Carolina
phone: 803.7771438    

http://www.slac.stanford.edu/~yumiceva
_________________________________________________