Bob,Yes the FOG-A servers see my test DTU as coming from 192.168.100.3. The only way I was able to get my DTU to get out of the TEST-A VLAN to my FOG-A VLAN was with IP forwarding and IP NAT enabled on my TEST-A server. My IP NAT config is:
map ce1 192.168.129.0/24 -> 192.168.100.3/32 Bob Doolittle wrote:
I don't see how your can get the debug output in your FOG-A script that you state, given the addresses you are quoting.The problem is this line: if [ "$username" = "" -a "$terminal_ip_addr" = "192.168.100.3" ] terminal_ip_addr will be the IP address of your *DTU*, not your *Server*.You say that your server IP address is 192.168.100.3, so this test should always fail, but in your debug output you show "Send Use First", which should never happen if the test fails.Are you sure you are quoting your addresses correctly in the mail you sent?If 192.168.100.3 is in fact your DTU address, then you shouldn't be returning "host=192.168.100.3" since that should be a server address.If this doesn't help, please resend your data, clearly labeling your server and DTU addresses separately.If you are using DHCP, you probably should never be comparing terminal_ip_addr directly since you don't know the addresses your DTUs will be getting. That value was supplied so you could mask it appropriately before comparing to a subnet address, if you wished to make some decision based on a subnet on which a Sun Ray resided. It can't be usefully used without masking in a script unless you use fixed addresses for DTUs. If you want to make a per-DTU decision, you can use the terminal_cid, which is a constant based on the MAC address of the DTU (e.g. IEEE802.080020010203 for a MAC of 080020010203).-Bob CJ Keist wrote:I'm still working on getting this work. Here is what I'm running up against now.I have a test sunray group, TEST-A, setup in kiosk mode running just a web broswer. I have it setup with AMGH so that when you insert a smart card it will connect you to our main sunray server group, FOG-A. That part works fine. The problem is that when I remove my card the DTU remains connected to the FOG-A servers. My setup:TEST-A - Network: VLAN 192.168.129.0 (test kiosk network) VLAN 192.168.100.3 (Connection to our FOG-A network) 129.xx.xxx.xxx (regular network) Server is configure with out dedicated interconnects. IP forwarding is enabled FOG-A - Network: VLAN 192.168.100.0 (FOG-A network) 129.xx.xxx.xxx (regular network) Servers are configured with dedicated interconnects to the 192.168.100.0 VLAN. Here is the AMGH script on my test kiosk server: #!/bin/sh DBFILE=/opt/SUNWutref/amgh/back_end_db OUTPUT=/opt/SUNWutref/amgh/out.txt # parse the args into shell vars while read A do eval "$A" done touch $OUTPUT echo "UserName: $username">>$OUTPUT echo "Token: $token" >>$OUTPUT echo "Terminal CID: $terminal_cid">>$OUTPUT echo "Terminal IP: $terminal_ip_addr">>$OUTPUT echo "Insert Token: $insert_token">>$OUTPUT echo "Display: $display">>$OUTPUT # if a username is provided if [ -n "$username" ] then echo "host=192.168.100.1" exit 0 fi exit 0This works as I said. I can put in my smart card and it does connect to our FOG-A servers and finds my session.On our FOG-A servers here is the AMGH script they run: #!/bin/sh OUTPUT=/opt/SUNWutref/amgh/out.txt # parse the args into shell vars while read A do eval "$A" done touch $OUTPUT echo "UserName: >>$username<<">>$OUTPUT echo "Token: $token" >>$OUTPUT echo "Terminal CID: $terminal_cid">>$OUTPUT echo "Terminal IP: $terminal_ip_addr">>$OUTPUT echo "Insert Token: $insert_token">>$OUTPUT echo "Display: $display">>$OUTPUT if [ "$username" = "" -a "$terminal_ip_addr" = "192.168.100.3" ] then echo "Send Use First">>$OUTPUT echo "host=192.168.100.3" #echo "use_firstserver=true" fi exit 0This doesn't work. I have tried both the setting host ip and the use_firstserver flag. Here is the debug output of the server my test DTU connects to after I pull my card:UserName: >><< Token: pseudo.00144fb1d1ef Terminal CID: IEEE802.00144fb1d1ef Terminal IP: 192.168.100.3 Insert Token: pseudo.00144fb1d1ef Display: :39 Send Use FirstIt is the same if I use the "use_firstserver" flag as well. The DTU is not connecting back to my test kiosk server for some reason. Any ideas why? Is it that the DTU is suppose to pickup the echo statements and know what to do?------------------------------------------------------------------------ _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users_______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
-- C. J. Keist Email: [email protected] UNIX/Network Manager Phone: 970-491-0630 Engineering Network Services Fax: 970-491-5569 College of Engineering, CSU Ft. Collins, CO 80523-1301 All I want is a chance to prove 'Money can't buy happiness'
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
