Hi list!

I'm having a problem where a, in this case, IMAP server (dovecot), configured 
to do auth via GSSAPI,
doesn't authenticate clients coming from the NATed IP it has. Physically it 
only has a private IP
attached (10.1.0.0/8) but it also has a NATed public IP from the internet. The 
NAT is done on the
router/firewall before it get's to the server itself.
I've read about extra_addresses on the /etc/krb5.conf file but that doesn't 
look like it does the
trick of making the authentication work.
If I somehow force the clients to authenticate to the private IP (via hosts 
file for example), the
auth succeeds.

Is this fixable? Thanks!
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to