Hello Ray, Actually because of the nature of our setup here, w have 2 machines that need allow for nfs mounting and although my personnal thoughts are that they too should be behind the firewall completely, unfortunately I do not get the last word in this.
Opening port 2049 means that I have added this rule to the ipfilter.conf file. $IPMASQADM portfw -a -P udp -L $EXTERN_IP 2040 -R 192.168.1.16 2049 That is strance because the information that I was seeing from nmap suggested taht the nfs port was udp and on 2049 although I might be wrong. I actually do, from the client "mount 1.2.3.4:/testdir /test" and after about 3 - 4 minutes I get: mount: RPC: Timed out does this help to clear things up? Do I also need to open udp/tcp port 111? Cheers, Lonnie > I haven't actually tried doing this, so I'm guessing a bit here > (despite your fairly complete report this time) ... but the rpc > portmapper will need to communicate to do the NFS mount. It > listens on port 111 (TCP, I think). Your firewall probably blocks > port 111 coming in and surely doesn't port-forward it to your > inside NFS server. > > Then, I'm not sure what "opened a udp port 2049" means, exactly. > Since this is an outside machine coming in, you'll need both to > open and to > port-forward it. > > Finally, how long is "a long time"? If about 3 minutes, check > once again for a DNS problem ... is the remote mount command > using the right FQDN for your changed setup? > > Aside from that ... have you thought through the security > implications of this setup? I haven't, but it feels risky to me. > > At 07:36 PM 1/28/02 -0500, Lonnie Cumberland wrote: >>Hello All, >> >>I have been trying, with no luck so fat to mount a directory from >>a machine that I have behind the Eigerstein LRP to a client >>machine outside the firewall. >> >>I have opened a udp port 2049 which is supposed to be for nfs, >>but still I cannot seem to mount the server directory even though >>I can mount the server directory to other machines that are also >>inside the firewall. >> >>When I issue the mount command on the external client it just >>times out after a long time. >> >>Does anyone have some idea? >> >>I would give more specific details, but I am not getting any >>information from the logs or on the command prompt. > > > -- > ------------------------------------"Never tell me the odds!"--- > Ray Olszewski -- Han Solo > Palo Alto, CA [EMAIL PROTECTED] > ---------------------------------------------------------------- -- Lonnie Cumberland OutStep Technologies Incorporated (313) 832-7366 URL: http://www.outstep.com EMAIL: [EMAIL PROTECTED] : [EMAIL PROTECTED] _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
