David Haché wrote:
> Did you open the path the other way around to try?
Not yet, but that's a good idea.
> Is there a proxy in the way? (on monowall or somewhere else)
No, just two nets seperated by the monowall
> Did you make sure the names are well resolved on both ends? (i guess you
> did not change subnets or dns servers...)
That's actually the first thing I checked, since I have a bad habit of
screwing those sorts of things up, but that all panned out.
> What is the CPU load on the Monowall when you try to use the NFS? (Cisco
> chips are faster then some old servers where you would run monowall...)
I just checked, and it's negligible (hard to ready, but well under 5%)
I just got it working on both DMZ clients connecting to the LAN server
by adding a "-r=1024" option to my nfs mount command. According the
FreeBSD handbook, this is needed for old ISA ethernet cards. Odd, I have
quite modern Broadcom cards in these boxes running at 100full.
Tomorrow, I'll console into the switches and make sure the negotiation
settings are correct on the ports, I've had bad things happen to me
before because of stuff like that.
> On 1/17/08, *Duane Winner* <dwinner at utrs dot com <mailto:dwinner at utrs dot com>>
> I just moved my NFS server and clients to my new network w/ a m0n0wall,
> and now I cannot get functioning NFS connections working.
> On the clients, I can initially do an NFS mount, and even `ls` down a
> few directories in the mount, but then I always get this as soon as try
> to look in a directory with files:
> nfs server 10.10.40.1:/data: not responding
> (and worse, I then have to reboot).
> NFS mounting between network segments always worked before when I was
> using a PIX, and this is the first major issue I've run into with
> At first I thought it might be because I forgot to create a rule (added
> all the tcp and udp port allows inititially), but then, just until I get
> this worked out, I decided to allow all TCP,UDP and ICMP from the NFS
> client to the NFS sever. I see nothing in the logs that any packets are
> being dropped or rejected.
> LAN: 10.10.0.0/16 <http://10.10.0.0/16>
> DMZ: 10.20.0.0/16 <http://10.20.0.0/16>
> NFS Server: 10.10.40.1 <http://10.10.40.1>
> NFS Client: 10.20.30.4 <http://10.20.30.4>
> I apologize in advance if this is not a m0n0wall issue, but I'm stumped,
> as I said nothing, really changed on the NFS client and server, I just
> moved them off the pix net and onto the m0n0 net. And also, if I take
> another host in the LAN and connect to the NFS server, and set it up in
> /etc/exports on the server, no problem. It's only a problem for clients
> seperated by the m0n0wall.
> I'm running FreeBSD 6.2 all around.
> Thanks so much in advance for any insight, and if I'm told that this
> cannot be a m0n0wall issue, then I'll take this over to another forum.
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> <mailto:m0n0wall dash unsubscribe at lists dot m0n0 dot ch>
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> <mailto:m0n0wall dash help at lists dot m0n0 dot ch>
> David Haché
> Cell: 514.594.5841