NFS through firewall
James Pifer
jep at obrien-pifer.com
Thu Nov 17 14:26:14 UTC 2005
Hi. I have a server in our DMZ and I'm exporting a specific directory
with NFS. I have an internal server that I want to mount it on. The
internal server is allowed through the firewall without restriction.
Firewall guy tells me it's wide open for this internal server, TCP and
UDP.
When I try to mount the drive I get this error:
pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection reset by peer
On the server running NFS I get this:
rpc.mountd: authenticated mount request from [internal_server]:680 for /usr/test (/usr/test)
If I do an nmap from the internal server to the external server running
I get:
(The 1648 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
443/tcp open https
933/tcp open unknown
5001/tcp open commplex-link
5801/tcp open vnc-http-1
5901/tcp open vnc-1
10000/tcp open snet-sensor-mgmt
A UDP port scan seems to hang.
If I do an rpcinfo on the external server running NFS I get:
# rpcinfo -p 127.0.0.1
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
391002 2 tcp 32769 sgi_fam
100011 1 udp 930 rquotad
100011 2 udp 930 rquotad
100011 1 tcp 933 rquotad
100011 2 tcp 933 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100021 1 udp 32781 nlockmgr
100021 3 udp 32781 nlockmgr
100021 4 udp 32781 nlockmgr
100005 1 udp 32782 mountd
100005 1 tcp 59483 mountd
100005 2 udp 32782 mountd
100005 2 tcp 59483 mountd
100005 3 udp 32782 mountd
100005 3 tcp 59483 mountd
Any thoughts on what the problem is?
Thanks,
James
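
An added example, not part of the original post: a Python cross-check of the two listings above, showing which registered RPC services sit on TCP ports the nmap scan listed as open, which do not, and which are UDP registrations the TCP scan says nothing about. The listings are copied from the post (rpcinfo condensed to one version per program, protocol and port); the function names are hypothetical.

```python
import re

# rpcinfo -p rows from the post, one version kept per program/proto/port.
RPCINFO = """\
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
391002 2 tcp 32769 sgi_fam
100011 2 udp 930 rquotad
100011 2 tcp 933 rquotad
100003 3 udp 2049 nfs
100021 4 udp 32781 nlockmgr
100005 3 udp 32782 mountd
100005 3 tcp 59483 mountd
"""
# Open TCP ports from the nmap listing in the post.
NMAP = """\
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
443/tcp open https
933/tcp open unknown
5001/tcp open commplex-link
5801/tcp open vnc-http-1
5901/tcp open vnc-1
10000/tcp open snet-sensor-mgmt
"""

def parse_rpcinfo(text):
    """Map (proto, port) -> service name for each rpcinfo -p row."""
    rows = (line.split() for line in text.splitlines())
    return {(f[2], int(f[3])): f[4] for f in rows if len(f) == 5 and f[0].isdigit()}

def parse_nmap_open(text):
    """Set of (proto, port) pairs that the scan reported as open."""
    hits = re.findall(r"^(\d+)/(tcp|udp)\s+open\b", text, re.M)
    return {(proto, int(port)) for port, proto in hits}

def cross_check(regs, seen_open):
    """Split registrations: TCP seen open, TCP not listed open, UDP unchecked."""
    out = {"tcp_open": [], "tcp_not_listed": [], "udp_unchecked": []}
    for (proto, port), name in sorted(regs.items()):
        hit = "tcp_open" if (proto, port) in seen_open else "tcp_not_listed"
        out["udp_unchecked" if proto == "udp" else hit].append(f"{name} {port}/{proto}")
    return out

if __name__ == "__main__":
    print(cross_check(parse_rpcinfo(RPCINFO), parse_nmap_open(NMAP)))
```

A port missing from the scan's open list may be closed, filtered, or outside the range nmap scanned, so `tcp_not_listed` marks entries to probe individually rather than a confirmed block.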