Re: [Freeipa-users] ipa-server-install + NATTED interface question

Mon, 31 Mar 2014 12:27:31 -0700 

Hi Will,

Hilarious. It's always after you hit 'enter' when sending emails to distro 
lists that you realize what you should have done. (I did what you mentioned 
below moments after sending out the email to the list.)

None the less, I wanted to say THANK YOU for responding. Hopefully, it will 
help others out there.

Have a great day,

Mike



Date: Mon, 31 Mar 2014 12:13:30 -0700
From: m...@willsheldon.com
To: michael.mcconac...@hotmail.com
CC: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] ipa-server-install + NATTED interface question


                
                    

                I had this issue as well.
It would be good to add a `curl icanhazip.com` check to the script to allow for 
1:1 nat in places like AWS.
I successfully worked around the issue by allocating the external IP to an 
internal sub interface during the install:
so run:
ifconfig eth0:0 192.168.10.10 netmask 255.255.255.0 up 
then try the install again.

                

Kind regards,



Will Sheldon


                 
                On Monday, March 31, 2014 at 11:59 AM, The Dude wrote:
                
                    


Hi all; avid user of both FreeIPA and IPA for a few years now. I have a unique 
situation that I hope someone can provide some insight, or help with. I am 
presented a private, and public (floating) IP after RX a VM from my IaaS 
provider. The 'public' IP is NATted, and not visible from w/in the VM, but is 
reachable outside of the VM.

In other words, if you were to do an 'ip a': eth0 would return the private IP.

11.11.11.11 (private)192.168.10.10 (public)


Because the installer only sees the 11.11.11.11 address, it bombs saying that I 
can't use that public IP (being obfuscated by NAT). So, my question is: if I 
have to use the private IP for installs, what configs should I edit to make 
Apache/TC respond to the public IP as requests come into it?

I have already modified the conf/server.xml file, and added an 'address' 
filed/property.Apache might need some mods, I headed over to the httpd.conf 
file and didn't see anything out of the ordinary (except there are 0 
VirtualServer entries..)

Ideas?

Michael J. McConachie | keys.fedoraproject.org | PubKey: 0xEDE583C4
NOTE: The information included and/or attached in this electronic mail 
transmission may contain confidential or privileged information and is intended 
solely for the addressee(s). Any unauthorized disclosure, reproduction, 
distribution or the taking of action in reliance on the contents of the 
information are strictly prohibited. If you have received the message in error, 
please notify the sender by reply transmission and delete the message without 
copying, disclosing or forwarding.
                                          
_______________________________________________Freeipa-users mailing 
listFreeipa-users@redhat.comhttps://www.redhat.com/mailman/listinfo/freeipa-users
                 
                 
                 
                 
                
                 
                
                    

                                                          
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to