[OpenAFS] Nat & Ports Question
J
skyliner306@yahoo.com
Fri, 12 Feb 2010 14:41:53 -0800 (PST)
--0-877248125-1266014513=:52197
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
=A0
I'm running an OpenAFS 1.4.7 server on Debian Lenny 2.6.26.=A0 Everything i=
s behind a cheap D-Link router, and I have no trouble connecting any of my =
clients (both Mac and PC) on the LAN.=A0 So I started doing some testing fr=
om outside, and based on what I've read there are problems with NAT which w=
ill probably prevent me from having success.
=A0
My Windows client (first tried OpenAFS version 1.5.65 then upgraded to 1.5.=
71) gets a Kerberos ticket and AFS token, but then chokes on=A0resolving th=
e name to id=A0(error -1).=A0 So I was wondering if someone could explain t=
o a novice what's going on there.
=A0
Also, I see that I need port 88 open to authenticate, which on one hand mak=
es sense since this is a Kerberos port.=A0 But most of the documentation I'=
ve read about AFS says I only need ports open in the 7000 range (specifical=
ly 7001) for minimal file server access, so I was wondering if I'm missing =
something there.
=A0
Thanks in advance for any help you can offer.=A0 Let me know=A0if=A0more in=
formation is needed.
=A0
John
=A0
=A0=0A=0A=0A
--0-877248125-1266014513=:52197
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
<table cellspacing=3D"0" cellpadding=3D"0" border=3D"0" ><tr><td valign=3D"=
top" style=3D"font: inherit;"><DIV> </DIV>
<DIV>I'm running an OpenAFS 1.4.7 server on Debian Lenny 2.6.26. Ever=
ything is behind a cheap D-Link router, and I have no trouble connecting an=
y of my clients (both Mac and PC) on the LAN. So I started doing some=
testing from outside, and based on what I've read there are problems with =
NAT which will probably prevent me from having success.</DIV>
<DIV> </DIV>
<DIV>My Windows client (first tried OpenAFS version 1.5.65 then upgraded to=
1.5.71) gets a Kerberos ticket and AFS token, but then chokes on reso=
lving the name to id (error -1). So I was wondering if someone c=
ould explain to a novice what's going on there.</DIV>
<DIV> </DIV>
<DIV>Also, I see that I need port 88 open to authenticate, which on one han=
d makes sense since this is a Kerberos port. But most of the document=
ation I've read about AFS says I only need ports open in the 7000 range (sp=
ecifically 7001) for minimal file server access, so I was wondering if I'm =
missing something there.</DIV>
<DIV> </DIV>
<DIV>Thanks in advance for any help you can offer. Let me know i=
f more information is needed.</DIV>
<DIV> </DIV>
<DIV>John</DIV>
<DIV> </DIV>
<DIV> </DIV></td></tr></table><br>=0A=0A
--0-877248125-1266014513=:52197--