First thing that popped of to my mind is to set the WAN IP into your autentication server xml configs. I dont think routing certain ports to your auth server is enough if the auth server has created accounts with 192.168.0.2 and you are logging in as user@<wanip> that seems to be the problem here.
I arent that familiar with the authentication server either so i cant really say this works. Only problem I see here is that if you define the authentication servers xml to your wan ip that you are not the owner of. It could give you binding error for the port on startup. Some servers have the logic that they can only bind ports if they have the address to them selves, but as I said I havent tried this but give it a try and tell me more. Be sure to open up both UDP and TCP protocols to be sure. Oh and if this wan ip to the configs work and it starts up be sure to create a new account for testing, otherwise youll only have the old @192.168.0.2address. On Wed, Jan 6, 2010 at 6:28 PM, akaydin <[email protected]> wrote: > Ryan thanks a lot for your answer. > > Unfortunately [email protected] does not work from outside network. > Nothing happens if I use internal ip here(192.168.0.2) however if I > use WAN IP then I can connect to the authentication server(from what I > see on authentication server console) but login operation fails. And > if I can connect to the authentication server(althought login > operation fails) then I believe that should mean that the WAN ip > resolves correctly and redirected through my NAT. > > I may be wrong but it seems like" testuser@<wan_ip>" is also sent as a > complete string in some part of an xml message to the authentication > server. I believe only the left part before "@" sign - that is > "testuser" - and user password should be enough to authenticate a user > (considering that ip adress is already resolved). > > It seems to me that Authentication server simply checks if > "testuser@<wan_ip>" matches with a string that it forms from local > ip... like "[email protected]" and boom!.... these two dont match > so login fails... > > Internal ip stays the same for all pcs connected to a particular LAN. > So no problems occur if I try to connect from a seperate pc which is > in the same LAN with my server since username and host strings will > always match. (actually this is what I have been doing till now). > > These are all my assumptions though. I may be wrong but I believe > something like this is the primary reason of this problem. > > Can I download authentication server's source code from somewhere? > perhaps I can try to fix this in source code... I have checked modrex > site but couldn't find an svn link particularly for authentication and > avatar storage servers. > > Perhaps you are right though. I only have basic knowledge of > networking so there may be a way of configuring the network so that > this problem is fixed. > > Is there a tutorial on how to do such a network configuration? Or is > there anyone who successfully deployed a RealXTend server which > operates on net standalone? Preferably someone who did it with DSL > connection(and in my case also dynamic ip :D) > > I would be happy to hear from you all... > > And Ryan Thanks again for your answer, > > Regards, > > Ates Akaydin > > > > > > > On 6 Ocak, 16:44, Ryan McDougall <[email protected]> wrote: > > Once again, this is before my time, and I've never once worked on the > > authentication servers, but afaik, this was a fundamental choice to > > mimick the way e-mail works. You can't just send an email to "joe", it > > has to be "joe" at "example.com", where example.com is a computer that > > knows a certain joe among many. It works because there is an entry in > > the DNS server that says the mail server that's authoritative for > > example.com, and mail clients do a DNS query to find the IP. A number > > of people here have set up reX for the public (such as > > world.evocativi.com), so it *is* possible -- but you may need DNS > > and/or public IPs... > > > > So basically, I think this an internal network configuration issue, > > and kinda beyond what we're capable of helping you with. Network > > configuration is not easy, and present a barrier to adoption of VW > > servers (actually any non-trivial home server). Does > > "[email protected]" work from outside the network? > > > > If anyone knows better than me, feel free to correct me. Better a > > half-assed answer than none. > > > > Cheers, > > > > On Wed, Jan 6, 2010 at 10:16 AM, akaydin <[email protected]> wrote: > > > Is there a way to configure authentication server such that it > > > neglects IP attached to user name during authentication process. And > > > authenticate solely on username and password instead. Nothing else? > > > > > On 6 Ocak, 10:12, akaydin <[email protected]> wrote: > > >> Hi again, > > > > >> I've read most of the manuals and made necessary modifications to my > > >> httpsettings and configuration xml files. > > > > >> I now have a server machine connected to the internet via ADSL(Dynamic > > >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > > >> DHCP of the Adsl Modem. I have configured necessary ip values in my > > >> xml files to this value 192.168.0.2. > > > > >> However since the modem routs data to several machines at once I had > > >> to make a quick NAT configuration for RealXTend ports. So I had > > >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > > >> 192.168.0.2 > > > > >> Now here comes the tricky part. No matter what I do I cannot > > >> authenticate my avatar from the avatar server. > > > > >> I set the user name and connect to fields to the following in the > > >> client ui. > > > > >> User name: testuser@<wan ip> > > >> Connect to: <wan ip>:9000 > > > > >> where <wan ip> is my WAN ip. > > > > >> Anyway I see opensim server capturing the data I send on the console > > >> log and creating an XMLRPC message for authentication server. However > > >> Authentication Server does nothing and returns null. So my login > > >> process fails with a "Login Failed: Could not authenticate your > > >> avatar. Please check your user name and password and check the grid if > > >> problem persists" message > > > > >> If I try to connect to my server with a client on the server machine > > >> with following parameters: > > > > >> User name: [email protected] > > >> Connect to: 192.168.0.2:9000 > > > > >> Then I can connect without a problem. I can assure that the username > > >> and password are correct I guess the domain name after "@" sign in > > >> user name causes this. In a way that authentication server receives > > >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > > >> client and doest not authenticate as wan-ip does not match with lan-ip > > >> at that step. > > > > >> Can anyone help me solve this problem? > > > > >> Thanks a lot, > > > > >> Best Regards, > > > > >> Ates Akaydin > > > > > -- > > >http://groups.google.com/group/realxtend > > >http://www.realxtend.org > > On 6 Ocak, 16:44, Ryan McDougall <[email protected]> wrote: > > Once again, this is before my time, and I've never once worked on the > > authentication servers, but afaik, this was a fundamental choice to > > mimick the way e-mail works. You can't just send an email to "joe", it > > has to be "joe" at "example.com", where example.com is a computer that > > knows a certain joe among many. It works because there is an entry in > > the DNS server that says the mail server that's authoritative for > > example.com, and mail clients do a DNS query to find the IP. A number > > of people here have set up reX for the public (such as > > world.evocativi.com), so it *is* possible -- but you may need DNS > > and/or public IPs... > > > > So basically, I think this an internal network configuration issue, > > and kinda beyond what we're capable of helping you with. Network > > configuration is not easy, and present a barrier to adoption of VW > > servers (actually any non-trivial home server). Does > > "[email protected]" work from outside the network? > > > > If anyone knows better than me, feel free to correct me. Better a > > half-assed answer than none. > > > > Cheers, > > > > On Wed, Jan 6, 2010 at 10:16 AM, akaydin <[email protected]> wrote: > > > Is there a way to configure authentication server such that it > > > neglects IP attached to user name during authentication process. And > > > authenticate solely on username and password instead. Nothing else? > > > > > On 6 Ocak, 10:12, akaydin <[email protected]> wrote: > > >> Hi again, > > > > >> I've read most of the manuals and made necessary modifications to my > > >> httpsettings and configuration xml files. > > > > >> I now have a server machine connected to the internet via ADSL(Dynamic > > >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > > >> DHCP of the Adsl Modem. I have configured necessary ip values in my > > >> xml files to this value 192.168.0.2. > > > > >> However since the modem routs data to several machines at once I had > > >> to make a quick NAT configuration for RealXTend ports. So I had > > >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > > >> 192.168.0.2 > > > > >> Now here comes the tricky part. No matter what I do I cannot > > >> authenticate my avatar from the avatar server. > > > > >> I set the user name and connect to fields to the following in the > > >> client ui. > > > > >> User name: testuser@<wan ip> > > >> Connect to: <wan ip>:9000 > > > > >> where <wan ip> is my WAN ip. > > > > >> Anyway I see opensim server capturing the data I send on the console > > >> log and creating an XMLRPC message for authentication server. However > > >> Authentication Server does nothing and returns null. So my login > > >> process fails with a "Login Failed: Could not authenticate your > > >> avatar. Please check your user name and password and check the grid if > > >> problem persists" message > > > > >> If I try to connect to my server with a client on the server machine > > >> with following parameters: > > > > >> User name: [email protected] > > >> Connect to: 192.168.0.2:9000 > > > > >> Then I can connect without a problem. I can assure that the username > > >> and password are correct I guess the domain name after "@" sign in > > >> user name causes this. In a way that authentication server receives > > >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > > >> client and doest not authenticate as wan-ip does not match with lan-ip > > >> at that step. > > > > >> Can anyone help me solve this problem? > > > > >> Thanks a lot, > > > > >> Best Regards, > > > > >> Ates Akaydin > > > > > -- > > >http://groups.google.com/group/realxtend > > >http://www.realxtend.org > > -- > http://groups.google.com/group/realxtend > http://www.realxtend.org > -- Best regards, Jonne Nauha realXtend developer http://www.realxtend.org/ http://www.evocativi.com/
-- http://groups.google.com/group/realxtend http://www.realxtend.org
