Unable to Authenticate to Open Directory Server

[bflopunk]

Hello all, hopefully this is an easy one, but I have yet to find an answer. I have an open directory server running 10.4.3, that works fine, when not behind a PIX firewall, but when it is behind the firewall, users are unable to authenticate.

The PIX is using 1 to 1 NAT with public and private IP's. I have opened up all traffic to specific test machine, the machine is able to connect to the OD server (when setting up a new LDAP connection), but when I try to authenticate against it (either at machine login or when binding the client), I get the spinning ball after about 7 seconds, then about 10 seconds after that it fails.

If the machine is not behind the PIX and only using its public IP address, it works great. NAT seems to be the issue, but I could be wrong.

Any help you could provide would be greatly appreciated.

Best Regards,
Paul

 

[UpQuark77]

whew.. sounds like a port issue, actually.

Can you take a look at the logs on the firwall and see if the authenticating server (or Mac) is trying to authenticate on a port that isn't open? You could use Ethreal on the PC side.. or http://www.sustworks.com/site/prod_ipmx_overview.html for the mac side..

 

[bflopunk]

Thanks for the reply!

I have the Mac firewall off on both the client and server and I opened the server up at all IP traffic (with regard to the PIX). All outbound traffic is allowed on the PIX aslo.

Still having the same issue. I am going to re create the DNS entry and see if that helps at all.