DHCP works but no internet to clients
-
@Sebastian-Roth when I try to connect using an ftp client (coreftp) it gives me this:```
Connect socket #1904 to ***.***.215.106, port 22... Can't establish connection --> ***.***.215.106:22 @ Tue Nov 05 14:38:50 2019 (0-38) Connection FailedI started out the first part of my IP as that is a a private IP for our school.
-
@davidka Hmmm did someone play (test) with iptables that may be blocking ftp access? </snark>
-
@davidka said in DHCP works but no internet to clients:
Connect socket #1904 to ..215.106, port 22…
Port 22 is SSH/SCP not FTP?!
-
@davidka From your windows computer, can you ftp to 192.168.1.1 (your fog server I guess) with the user name of fogproject and the password found in /opt/fog/.fogsettings ? it will be a random long password. If you can connect via FTP from a windows computer then we have something else going wrong.
-
@Sebastian-Roth 22 is just was in the blank be default. I’m not sure what port it should be.
-
@george1421 I’ve changed that password in all its locations to a custom password. (but it was messing up before I did that though) and no it doesn’t connect.
Okay so I changed it to port 21 and got this
Connect socket #1760 to ***.***.215.106, port 21... 500 OOPS: tcp_wrappers is set to YES but no tcp wrapper support compiled in Can't establish connection --> ***.***.215.106:21 @ Tue Nov 05 15:12:53 2019 (0-the 192.168.1.1 is my DHCP pool the server IP is different. it ends in 215.106
-
@davidka said in DHCP works but no internet to clients:
the 192.168.1.1 is my DHCP pool the server IP is different. it ends in 215.106
You are going to have to explain how you have things setup, because from your picture the client is trying to connect to 192.168.1.1
I’m also concerned about this statement
I’ve changed that password in all its locations to a custom password
What does that mean? The fogproject service account is owned and managed by the fog installer. Its password shouldn’t be touched.
-
@george1421 I went into all the config files and changed it. didnt realize it was a big deal. But it was messing up even before I did that. do I need to run the fog installer again ?
I’ve got two NICs one is 192.168.1.1 for DHCP on an isolated network the other is ..215.106 this one has access to the rest of the schools network and assigned by my sysadmin. I needed to be able to remote into the server and supply intert the clients at the same time, so I have it configured to route the traffic from 192.168.1.1 through IP tables and NAT to the 215.106 interface.
My sysadmin does not want DHCP to the rest of the network, hence the utterly complex setup i’m trying to pull off. I’ve tryed to explain to him that FOG wants to be part of the main network, and is expecting a DHCP server to already be setup, etc. But at this time he don’t want that. Its a whole other rant for another time… (we are manually updating everything, not using SCCM or any thing…)
-
@davidka Well there is a tutorial I have on resyncing all of the password locations that you can run through. You can change the password to what ever you like as long as its secure and consistent. https://forums.fogproject.org/topic/11203/resyncing-fog-s-service-account-password
Looking at your other posts it appears you do have the imaging lan nic set to 192.168.1.1 (at least in your OP).
From your fog server you can run this command to see if the ftp server is running.
netstat -an | grep ":21"should show you the ftp server is up and running.From either the imaging network or from your business network you should be able to connect to the ftp server on the FOG server using a windows computer and the ftp command line client. Again the password will be what is found in /opt/fog/.fogsettings file once you resync all of the passwords. If you can log in via ftp to the fog server then we will dig elsewhere.
-
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTENthats what that gave me.
and this
ftp> open ***.***.215.106 Connected to ***.***.215.106. 500 OOPS: tcp_wrappers is set to YES but no tcp wrapper support compiled in Connection closed by remote host. -
@davidka said in DHCP works but no internet to clients:
500 OOPS: tcp_wrappers is set to YES but no tcp wrapper support compiled in
what is the OS distro FOG is running on?
-
@george1421 Fedora 30
-
@davidka While I’m a bit baffled why its set. One link I found said to edit vsftpd.confg (should be some place under /etc) and remove or comment out the
tcp_wrappersstatement.Edit: Actually I think it needs to be tcp_wrappers=no the default may be yes
-
@davidka @george1421 We removed the
tcp_wrapper=option from vsftpd.conf in our install scripts just recently because it caused an issue with CentOS 8. It’s very unfortunate that no one noticed this to be an issue in Fedora 30 as well. Just remove the line from the config, restart your FOG server and things should be working. -
@george1421 okay so setting that to NO seems to have done the trick. I can log in to ftp now, and the image capture successfully put the finished image in the images dir. I am now doing my first image restore to a test machine, its looking promising ^_^
-
@davidka Just as an FYI, only the capture uses FTP. The deployment should work just fine. As for the upload residue, you can safely delete the directories that appear as mac address in /images/dev. You can also salvage the upload too but it will take a little manual activity.
-
and now my routing has stopped working again. did’nt notice it because i had to step away for a bit, but the test machine that just imaged has no network access. I also tried another machine that is a known good one and its not getting network either. I can ping the 192.168.1.1 just fine, PXE booting still works, its just now not routing. I mean its better than nothing we can get by with out network on this if it comes down to it. Thank you to every one who has helped me so far.
-
Figured it out, re running the fog installer after messing with the passwords etc reset my option routers in the dhcpd.conf file.
