Jeff @ SLYN Systems wrote:
We have been attempting to create remote access to 2 macs that are behind a Netopia router employing Netopia's equivalent of port forwarding, know as Pinholes. We created a pinhole for port 548, one of the two ports that AFP is set up to use, (The other being 427). The remote Macbook at the customer's home is running system 10.5. The target Macbook, located at the customer's office behind the router, is also running system 10.5. This setup worked briefly but then halted. We tried rebooting the router after this failure but the Home Macbook fails to connect.
Here's what I've done in similar situations.First, make sure the router is sending the traffic to the right machine. A simple way to do this is to first of all turn off the firewall on the server machine, turn on Web sharing and use the router to direct outside port 548 to port 80 on the server. If you can hit it with your Web browser from inside and outside, then you know the server is running and the traffic can be directed in that direction. As a followup, reset the Port directive in /etc/httpd/httpd.conf to be on port 548 and the forwarding on your router to see if it still works. (Remember to turn off AFP and restart httpd, or you'll spend as much time as I did once to figure out why nothing works. Boy, did I feel stupid!)
If this works, turn off httpd and turn afpd back on and do a netstat - na | grep LISTEN on the server to make sure something's listening on the port. Then do netstat -a| grep LISTEN to make sure the right daemon is listening. You should see afpovertcp listening on port 548. From outside try to telnet into the port. On the remote machine it should look something like
Pippin /etc/httpd>telnet erdos.math.louisville.edu 548 Trying 136.165.22.1... Connected to erdos. Escape character is '^]'.This will tell you the daemon is active and listening and you are actually talking to it.
If all this works, you know there are no simple firewall issues. If not, there are ways to dig deeper.
The second Mac that is behind the firewall is an Emac running system 10.3. We attempted to set this up using a pinhole for port 427, but this did not work. After doing some research, found a command line that could be issued to set up the second Mac to use port 549. The command line is as follows:ipfw add fwd localhost,548 tcp from any to any 549 via en0 This command line failed to load.
Did you remember to precede it with sudo? Mere mortals can't command ipfw. You can check the current rules with sudo ipfw list.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ The next Louisville Computer Society meeting will be April 22 at MacAuthority, 128 Breckinridge Lane. Posting address: [email protected] Information: http://www.math.louisville.edu/mailman/listinfo/macgroup
