Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
nfs access to server above the firewall
« previous
next »
Print
Pages: [
1
]
Author
Topic: nfs access to server above the firewall (Read 5426 times)
jinnicky
Newbie
Posts: 2
Karma: 0
nfs access to server above the firewall
«
on:
May 30, 2018, 05:09:40 pm »
I have a test bed set up on my local network.
my local network server1
fire1 wan -->my local net
lan -->test1
fire2 wan -->my local net
lan --> test2
I'm trying to nfs mount one of the shares on server1 on each of the test machines. Journalctl on server1 shows that the mount request was refused because of an illegal port. The port changes each time I try and is a very high number. The ip address of the request was the wan ip of my firewall which is ok. I should be able to have test1 and test2 each access the shared files on server1.
Test1, test2 and server1 are all running Debian stretch
So the question is: What do I have to do to set this up?
I'm very new to OPNsense and BSD. I've been using firewalls for a long time starting with Smoothwall->ipcop-ipfire.
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: nfs access to server above the firewall
«
Reply #1 on:
May 30, 2018, 10:13:09 pm »
Do you have different subnets or are the firewalls bridged? If routed, do you use NAT?
What does cat /proc/fs/nfsd/versions give you on the NFS server?
Bart...
Logged
jinnicky
Newbie
Posts: 2
Karma: 0
Re: nfs access to server above the firewall
«
Reply #2 on:
May 30, 2018, 10:42:31 pm »
cat /proc/fs/nfsd/versions
-2 +3 +4 +4.1 +4.2
The wan address on fire1 is 192.168.143.125, fire2 and test2 are not powered on.
The lan address of test1 is 192.168.22.101 (fire1 lan ip is 192.168.22.1)
Server1 is at 192.168.143.10
The firewalls are using DHCP to get their wan IP addresses on the 192.168.143.0/24 network
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: nfs access to server above the firewall
«
Reply #3 on:
May 31, 2018, 10:30:29 pm »
Set the server and the client to use NFS version 4. This removes the need for random high ports.
Allow 111/TCP, 111/UDP, 2049/TCP, and 2049/UDP through each firewall to the server
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
nfs access to server above the firewall