[SunRay-Users] Remote Sun Ray / Firewall Question

Carl Holzhauer cholzhauer at sscorp.com
Wed Feb 20 13:15:36 EET 2008


Ben brought up a good point...is your DHCP server telling your sunray where to look for the SRSS server?


-----Original Message-----
From: sunray-users-bounces at filibeto.org [mailto:sunray-users-bounces at filibeto.org] On Behalf Of Mike Jones
Sent: Wednesday, February 20, 2008 10:56 AM
To: SunRay-Users mailing list
Subject: Re: [SunRay-Users] Remote Sun Ray / Firewall Question

That is correct.  The login screen never presents itself. To be more
precise I tried to forward all outside traffic from one source IP
address (the SR server) and not all traffic from all outside sources.

Carl Holzhauer wrote:
> So if I read your email correctly, if you forward all traffic from the outside to your inside address, you can tell when Smart Cards are inserted, and you can even ping the SunRay, but you can't log in from the SunRay?
>
>
> -----Original Message-----
> From: sunray-users-bounces at filibeto.org [mailto:sunray-users-bounces at filibeto.org] On Behalf Of Mike Jones
> Sent: Wednesday, February 20, 2008 12:00 AM
> To: SunRay-Users mailing list
> Subject: Re: [SunRay-Users] Remote Sun Ray / Firewall Question
>
> Carl Holzhauer wrote:
>
>> I'm assuming that when you allowed all traffic from the outside interface to the inside interface where the SunRay was located, it still didn't work.
>>
>>
> That is correct.  I allowed all outside IP traffic from the remote
> server's public IP address.
>
>> I'm assuming you're doing NAT translation on the inside interface?
>>
>>
> That is also correct.  I gave the Sun Ray a static address of
> 192.168.128.190 on the inside network and added a static translation to
> one of my public IP addresses in the PIX.  The Sun Ray can be pinged
> from the remote S/R server and it shows up correctly in the S/R logs and
> you can tell when I insert/remove a Smart Card on both the remote server
> and the local Sun Ray.
>
>> Are you also filtering outbound traffic? (PIX by default filter inbound traffic)
>>
>>
> No outbound filtering
>
>
>> ________________________________________
>> From: sunray-users-bounces at filibeto.org [sunray-users-bounces at filibeto.org] On Behalf Of Mike Jones [mike at mooseworks.com]
>> Sent: Tuesday, February 19, 2008 9:03 PM
>> To: SunRay-Users mailing list
>> Subject: [SunRay-Users] Remote Sun Ray / Firewall Question
>>
>> Hi,
>>
>> I have a Sun Ray 270 in my home office that connects to a Sun Ray server
>> at a customer.  It works great while I have it connected on the Internet
>> side of my Cisco PIX firewall.  It doesn't work so great if I move it to
>> the private side of the firewall.  It cycles from 1 > 22D > 26D > 14D,
>> and instead of going to 34D, it goes back to 26D and stops.  So it's not
>> passing the graphics traffic through the firewall.  I have tried every
>> combination of commands to create an access list to allow the correct
>> ports and protocols including allowing all ip traffic from the remote
>> Sun Ray server inbound through the PIX.
>>
>> Long way of asking if anybody has a Sun Ray correctly working with a
>> Cisco PIX Firewall?  If so, what does your access-list look like (or
>> your conduits)?
>>
>> Thanks, Mike
>> _______________________________________________
>> SunRay-Users mailing list
>> SunRay-Users at filibeto.org
>> http://www.filibeto.org/mailman/listinfo/sunray-users
>>
>> _______________________________________________
>> SunRay-Users mailing list
>> SunRay-Users at filibeto.org
>> http://www.filibeto.org/mailman/listinfo/sunray-users
>>
>>
> _______________________________________________
> SunRay-Users mailing list
> SunRay-Users at filibeto.org
> http://www.filibeto.org/mailman/listinfo/sunray-users
>
> _______________________________________________
> SunRay-Users mailing list
> SunRay-Users at filibeto.org
> http://www.filibeto.org/mailman/listinfo/sunray-users
>
_______________________________________________
SunRay-Users mailing list
SunRay-Users at filibeto.org
http://www.filibeto.org/mailman/listinfo/sunray-users



More information about the SunRay-Users mailing list