Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] problems with a client behind a Cisco with NAT

2005-04-08 06:27:46
Subject: Re: [Networker] problems with a client behind a Cisco with NAT
From: rader AT GINSENG.HEP.WISC DOT EDU
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Fri, 8 Apr 2005 05:26:02 -0500 
 > If I am not wrong more ports need to open across the firewall 

You are wrong.  System traces of recover and rpcinfo -c clearly
show the problem is caused by repeated attempts to connect to the
portmap port (111), which is punched through...

 connect(3, {sa_family=AF_INET, sin_port=htons(111), \
   sin_addr=inet_addr("public_address_here")}, 16) \
   = -1 ECONNREFUSED (Connection refused)

 > Legato needs NAT disabled.

No, I doesn't.  NetWorker works with NAT when the appropiate
ports are punched through.  It just balks on the client-side.
(Besides, disabling NAT is not an option.)

steve
- - -

 > -----Original Message-----
 > From: Legato NetWorker discussion [mailto:NETWORKER AT LISTSERV.TEMPLE DOT 
 > EDU] O
 > n
 > Behalf Of rader AT GINSENG.HEP.WISC DOT EDU
 > Sent: Friday, April 08, 2005 3:36 PM
 > To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
 > Subject: [Networker] problems with a client behind a Cisco with NAT
 > 
 > I've got a RHEL3 client behind a Cisco router with NAT with these
 > ports punched through: 111, 7937 & 7938.  NetWorker is working,
 > but commands on the client are balking for ~ 10 seconds... because
 > they can't contact portmap on the client.
 > 
 > After digging around a little, I realized that the Cisco won't
 > allow systems on the private side to contact the punched through
 > ports via the public address.  To wit: rpcinfo -c private_address
 > works but rpcinfo -c public_address fails "connection refused."
 > 
 > Does anyone know of a work-around?  Better yet, does anyone know
 > the correct Cisco IOS magic??  What I have is...
 > 
 >  ip nat inside source static tcp 10.10.10.10 111 interface Ethernet1 111
 >  ip nat inside source static tcp 10.10.10.10 7937 interface Ethernet1 7937
 >  ip nat inside source static tcp 10.10.10.10 7938 interface Ethernet1 7938
 > 
 > steve 
 > - - - 
 > systems & network manager
 > high energy physics
 > university of wisconsin

--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listserv.temple DOT edu or visit the list's Web site at
http://listserv.temple.edu/archives/networker.html where you can
also view and post messages to the list. Questions regarding this list
should be sent to stan AT temple DOT edu
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] problems with a client behind a Cisco with NAT, Anuj Mediratta
Next by Date:  Re: [Networker] Notes Online module: error 525, Manel Rodero
Previous by Thread:  Re: [Networker] problems with a client behind a Cisco with NAT, CurtisE
Next by Thread:  [Networker] Problem with staging to storage node, Allan, Kevin
Indexes:  [Date] [Thread] [Top] [All Lists]