[OpenAFS] OpenAFS, NAT, IPtables

Jason Edgecombe jason@rampaginggeek.com
Fri, 28 Sep 2007 23:02:19 -0400

Ron Croonenberg wrote:
> Hello all,
> I hope I am not beating a dead horse here (I saw some references, but
> not a solution).
> I have a few machines in a cluster, and installed openafs on the nodes,
> the client is running (I can see the mountpoints in /afs) But when I try
> to get a token with klog it says
> Unable to authenticate to AFS because Authentication Server was unavailable.
> any ideas ? is that the timeout issue people were talking about ?
> (is there a solution ?)
It sounds like your cell isn't running the legacy authentication server
(kaserver). This is the recommended way. If you have set up kerberos 5,
then run "kinit; aklog"

Have you spoken to your local AFS gurus about how to set things up?

FYI, the OpenAFS client work fine behind NAT with the server on the
public internet. That's what I use from home.