Re: conserver/firewall

On Tuesday, February 5, 2013 at 8:09 PM, Donald Clark wrote:

On the local LAN the console/conserver are working fine. When I go

through the firewall I can see the packets landing on the server

(tcpdump) but the server sends a FIN before the connection happens. The

conserver log files are clean (don't see a connection at all) for the

external user (but I can see the connection via tcpdump. In my

conserver.cf I have a trusted 0.0.0.0/0 but is it possible that outside

connections are not being allowed? Just thought I would ask, before I go

down a path that someone else already went down.

The client can issue console -u and get the list of consoles. But when

doing console <name> the connection doesn't work. Client sees the

following error:

console: connect(): 60876@home.somedomain.com: Connection timed out

Sounds like the connections to the secondary port are being blocked by your firewall.

In addition to port 782, conserver clients will open a second connection to actually connect to the interactive console session.  You need to open a series of ports to support these connections.

If you run tcpdump on the machine you're running the console client on you'll see your client open a second connection.

Check out the "secondaryport" directive in the console.cf man page.

-Jason

-- 

Jason White