[OpenAFS] error on windows after installing cisco anynet vpn
David Bear
David.Bear@asu.edu
Tue, 24 Jun 2008 17:50:45 -0700
------=_Part_5733_7393635.1214355045070
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
I have had a working openafs installation in a windows box for months,
various version of 1.5.3xx
Today I installed the cisco anyconnect vpn client and after that openafs is
no longer able to use KfW to get afs tokens.
I still get kerberos tokens and NiM does report that I have them:
krbtgt/ASU.EDU@ASU.EDU
afs@ASU.EDU
however, when I start afscreds it doesn't seem to know that it is supposed
to have tokens. I can use afscred to get tokens.. and issuing a tokens
command from the windows cmd shell does list my afs tokens.
However, any attempt to use \\afs\asu.edu\... etc, windows explorer always
returns that I don't have permissions on this network resource.
There are no meaningful events logged either. I am thinking that cisco has
done something evil here. Has anyone else seen something like this?
attempting a cmdebug gives me this:
Chunk files: 0
Stat caches: 10000
Data caches: 24576
Volume caches: 3333
Chunk size: 262144
Cache size: 98304 kB
Set time: no
Cache type: memory
thats probably meaningless though.
rxdebug gives me
Trying 129.219.57.39 (port 7001):
Free packets: 166, packet reclaims: 0, calls: 0, used FDs: 0
not waiting for packets.
0 calls waiting for a thread
1 threads are idle
Connection from host 129.219.7.145, port 7000, Cuid 48619373/21909e60
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn
call 0: # 1, state dally, mode: error
call 1: # 0, state not initialized
call 2: # 0, state not initialized
call 3: # 0, state not initialized
Connection from host 129.219.7.143, port 7000, Cuid 48619373/21909e64
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn
call 0: # 1, state dally, mode: error
call 1: # 0, state not initialized
call 2: # 0, state not initialized
call 3: # 0, state not initialized
Connection from host 129.219.7.142, port 7000, Cuid 48619373/21909e68
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn
call 0: # 1, state dally, mode: error
call 1: # 0, state not initialized
call 2: # 0, state not initialized
call 3: # 0, state not initialized
Connection from host 129.219.7.141, port 7000, Cuid 48619373/21909e6c
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn
call 0: # 1, state dally, mode: error
call 1: # 0, state not initialized
call 2: # 0, state not initialized
call 3: # 0, state not initialized
Connection from host 129.219.7.144, port 7000, Cuid 48619373/21909e70
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn
call 0: # 1, state dally, mode: error
call 1: # 0, state not initialized
call 2: # 0, state not initialized
call 3: # 0, state not initialized
Any thoughts?
--
David Bear
College of Public Programs at ASU
602-464-0424
------=_Part_5733_7393635.1214355045070
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
I have had a working openafs installation in a windows box for months, various version of 1.5.3xx <br><br>Today I installed the cisco anyconnect vpn client and after that openafs is no longer able to use KfW to get afs tokens.<br>
<br>I still get kerberos tokens and NiM does report that I have them:<br><br>krbtgt/<a href="http://ASU.EDU">ASU.EDU</a>@<a href="http://ASU.EDU">ASU.EDU</a><br><a href="mailto:afs@ASU.EDU">afs@ASU.EDU</a><br><br>however, when I start afscreds it doesn't seem to know that it is supposed to have tokens. I can use afscred to get tokens.. and issuing a tokens command from the windows cmd shell does list my afs tokens.<br>
<br>However, any attempt to use \\afs\<a href="http://asu.edu">asu.edu</a>\... etc, windows explorer always returns that I don't have permissions on this network resource.<br><br>There are no meaningful events logged either. I am thinking that cisco has done something evil here. Has anyone else seen something like this?<br>
<br>attempting a cmdebug gives me this:<br><br>Chunk files: 0<br>Stat caches: 10000<br>Data caches: 24576<br>Volume caches: 3333<br>Chunk size: 262144<br>Cache size: 98304 kB<br>Set time: no<br>Cache type: memory<br>
<br><br>thats probably meaningless though. <br><br>rxdebug gives me <br><br>Trying <a href="http://129.219.57.39">129.219.57.39</a> (port 7001):<br>Free packets: 166, packet reclaims: 0, calls: 0, used FDs: 0<br>not waiting for packets.<br>
0 calls waiting for a thread<br>1 threads are idle<br>Connection from host <a href="http://129.219.7.145">129.219.7.145</a>, port 7000, Cuid 48619373/21909e60<br> serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn<br>
call 0: # 1, state dally, mode: error<br> call 1: # 0, state not initialized<br> call 2: # 0, state not initialized<br> call 3: # 0, state not initialized<br>Connection from host <a href="http://129.219.7.143">129.219.7.143</a>, port 7000, Cuid 48619373/21909e64<br>
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn<br> call 0: # 1, state dally, mode: error<br> call 1: # 0, state not initialized<br> call 2: # 0, state not initialized<br> call 3: # 0, state not initialized<br>
Connection from host <a href="http://129.219.7.142">129.219.7.142</a>, port 7000, Cuid 48619373/21909e68<br> serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn<br> call 0: # 1, state dally, mode: error<br>
call 1: # 0, state not initialized<br> call 2: # 0, state not initialized<br> call 3: # 0, state not initialized<br>Connection from host <a href="http://129.219.7.141">129.219.7.141</a>, port 7000, Cuid 48619373/21909e6c<br>
serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn<br> call 0: # 1, state dally, mode: error<br> call 1: # 0, state not initialized<br> call 2: # 0, state not initialized<br> call 3: # 0, state not initialized<br>
Connection from host <a href="http://129.219.7.144">129.219.7.144</a>, port 7000, Cuid 48619373/21909e70<br> serial 25, natMTU 1444, flags DESTROYED, security index 0, client conn<br> call 0: # 1, state dally, mode: error<br>
call 1: # 0, state not initialized<br> call 2: # 0, state not initialized<br> call 3: # 0, state not initialized<br><br>Any thoughts?<br><br clear="all"><br>-- <br>David Bear<br>College of Public Programs at ASU<br>
602-464-0424
------=_Part_5733_7393635.1214355045070--