[OpenAFS] OpenAFS and VPN
Cheyenne Wills
cwills@sinenomine.net
Fri, 6 Jun 2025 08:18:06 -0600
Check to make sure the OpenAFS kernel module is loaded and the afsd
process is running. You can check the kernel log (dmesg) to see if
OpenAFS has started. =20
Next I would check to see if there are any firewall rules that are
blocking the OpenAFS ports (udp 7001).
--=20
Cheyenne Wills
cwills@sinenomine.net
On Fri, 6 Jun 2025 12:36:26 +0200
Martin Podworny <podworny@ub.uni-koeln.de> wrote:
> Hi,
>=20
> we have been running an AFS-Cell on Debian for years without any
> problems.
>=20
> Now we had to upgrade the Debian-Cellserver from Debian 9 (Stretch)
> via Debian 10 (Buster) and Debian 11 (Bullseye) to Debian 12
> (Bookworm). We only use standardized packages from the Debian
> repositories.
>=20
> The problem we have now is that clients that are connected from the
> University's VPN can obtain a Kerberos ticket, but they cannot fetch
> data from cells fileserver. While the cell works flawlessly for all
> other clients.
>=20
> This behavior starts with Debian 11 which installs OpenAFS 1.8.6-5
> and kernel 5.10.237-1. On Debian 10 with OpenAFS 1.8.2 and 4.19.249-2
> everything still works, even for VPN-Clients.
>=20
> Do you have any idea how to explain or eliminate this behavior? Are
> there any correlations with kernel parameter or settings for file-
> and dbserver?
>=20
> If it is useful, i can attach some debug data from cells fileserver.
>=20
> Thank you,
>=20
> Martin
> --
> University and City Library of Cologne
> IT-Department
> Universit=C3=A4tsstr. 33 :: D-50931 K=C3=B6ln
> Tel.: +49 221 470-2593 :: Fax: +49 221 470-5166
> podworny@ub.uni-koeln.de :: www.ub.uni-koeln.de
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info