Miller, Kevin R wrote:
I went down that route because when I run the ipa_client_install it says that 
my IPA server is incorrect and to ensure that I have the required ports open. I 
disabled iptables and placed selinux into permissive mode.  I attempted 
externally to connect to the necessary ports and was able to determine that 
they wouldn't respond.  I then ran netstat and confirmed that port 389 and port 
80 were not listening for IPV4 connections.  The only listeners were on ::::389 
and ::::80.


I'd run iptables -L to ensure that you indeed have no rules. F-18 by default configures firewalld.

rob




-----Original Message-----
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Thursday, March 21, 2013 2:35 PM
To: Miller, Kevin R; Freeipa-users@redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Freeipa 3.1.x install on Fedora 18 
issues

Miller, Kevin R wrote:
I am able to connect to the web server (80) from the localhost but that is 
because it uses loopback to connect to the ipv6 listener.  I can telnet to 389 
on localhost but again this is due to loopback.

Right, but what about 127.0.0.1, for example? Or the IPv4 address. In other 
words, did you go down the netstat route because things weren't working or were 
you just checking?

rob



-----Original Message-----
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Thursday, March 21, 2013 12:45 PM
To: Miller, Kevin R; freeipa-users@redhat.com
Subject: EXTERNAL: Re: [Freeipa-users] Freeipa 3.1.x install on Fedora
18 issues

Miller, Kevin R wrote:
I installed freeipa from the Fedora 18 repo and then ran the
freeipa-server-install with the proper parameters.  Installation
seems to be successful but the http (80) and ldap (389) services are
not listening on the ipv4 interface.  I confirmed that the /etc/hosts
file contains a proper entry that maps the ipv4 address to the fqdn.
If I run a netstat -an |grep 389 I get the following

Tcp6       0              0              :::389     :::*         Listen

A netstat -an |grep 80 returns the same

Tcp6       0              0              :::80       :::*         Listen

Since I wasn't even using ipv6 I cannot explain why the services were
trying to bind to the ipv6 address instead of the configured IPV4
address I decided to force IPV6 to be disabled by added an entry in
the /etc/sysctl.conf file to disable ipv6.  After I did that, the
port
80 now binds to 0.0.0.0 which is what I wanted but the 389 continues
to bind to :::.

Any tips would be appreciated.

Does it actually answer on a IPv4 address (including localhost) on port 389?

rob



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to