Miller, Kevin R wrote:
I went down that route because when I run the ipa_client_install it says that
my IPA server is incorrect and to ensure that I have the required ports open. I
disabled iptables and placed selinux into permissive mode. I attempted
externally to connect to the necessary ports and was able to determine that
they wouldn't respond. I then ran netstat and confirmed that port 389 and port
80 were not listening for IPV4 connections. The only listeners were on ::::389
and ::::80.
I'd run iptables -L to ensure that you indeed have no rules. F-18 by
default configures firewalld.
rob
-----Original Message-----
From: Rob Crittenden [mailto:[email protected]]
Sent: Thursday, March 21, 2013 2:35 PM
To: Miller, Kevin R; [email protected]
Subject: Re: EXTERNAL: Re: [Freeipa-users] Freeipa 3.1.x install on Fedora 18
issues
Miller, Kevin R wrote:
I am able to connect to the web server (80) from the localhost but that is
because it uses loopback to connect to the ipv6 listener. I can telnet to 389
on localhost but again this is due to loopback.
Right, but what about 127.0.0.1, for example? Or the IPv4 address. In other
words, did you go down the netstat route because things weren't working or were
you just checking?
rob
-----Original Message-----
From: Rob Crittenden [mailto:[email protected]]
Sent: Thursday, March 21, 2013 12:45 PM
To: Miller, Kevin R; [email protected]
Subject: EXTERNAL: Re: [Freeipa-users] Freeipa 3.1.x install on Fedora
18 issues
Miller, Kevin R wrote:
I installed freeipa from the Fedora 18 repo and then ran the
freeipa-server-install with the proper parameters. Installation
seems to be successful but the http (80) and ldap (389) services are
not listening on the ipv4 interface. I confirmed that the /etc/hosts
file contains a proper entry that maps the ipv4 address to the fqdn.
If I run a netstat -an |grep 389 I get the following
Tcp6 0 0 :::389 :::* Listen
A netstat -an |grep 80 returns the same
Tcp6 0 0 :::80 :::* Listen
Since I wasn't even using ipv6 I cannot explain why the services were
trying to bind to the ipv6 address instead of the configured IPV4
address I decided to force IPV6 to be disabled by added an entry in
the /etc/sysctl.conf file to disable ipv6. After I did that, the
port
80 now binds to 0.0.0.0 which is what I wanted but the 389 continues
to bind to :::.
Any tips would be appreciated.
Does it actually answer on a IPv4 address (including localhost) on port 389?
rob
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
