[SunRay-Users] AMGH problems

Bob Doolittle Robert.Doolittle at Sun.COM
Mon Feb 2 16:43:55 EET 2009 

If your DTU is presenting the address of 192.168.100.3, then you can't 
redirect the DTU to connect to 192.168.100.3.

Also, an SRSS server cannot operate behind a NAT firewall, although a 
DTU can.

-Bob

CJ Keist wrote:
> Bob,
>    Yes the FOG-A servers see my test DTU as coming from 192.168.100.3. 
> The only way I was able to get my DTU to get out of the TEST-A VLAN to 
> my FOG-A VLAN was with IP forwarding and IP NAT enabled on my TEST-A 
> server.  My IP NAT config is:
>
> map ce1 192.168.129.0/24 -> 192.168.100.3/32
>
>
>
> Bob Doolittle wrote:
>> I don't see how your can get the debug output in your FOG-A script 
>> that you state, given the addresses you are quoting.
>>
>> The problem is this line:
>> if [ "$username" = "" -a "$terminal_ip_addr" = "192.168.100.3" ]
>>
>> terminal_ip_addr will be the IP address of your *DTU*, not your 
>> *Server*.
>> You say that your server IP address is 192.168.100.3, so this test 
>> should always fail, but in your debug output you show "Send Use 
>> First", which should never happen if the test fails.
>>
>> Are you sure you are quoting your addresses correctly in the mail you 
>> sent?
>>
>> If 192.168.100.3 is in fact your DTU address, then you shouldn't be 
>> returning "host=192.168.100.3" since that should be a server address.
>>
>> If this doesn't help, please resend your data, clearly labeling your 
>> server and DTU addresses separately.
>>
>> If you are using DHCP, you probably should never be comparing 
>> terminal_ip_addr directly since you don't know the addresses your 
>> DTUs will be getting.
>> That value was supplied so you could mask it appropriately before 
>> comparing to a subnet address, if you wished to make some decision 
>> based on a subnet on which a Sun Ray resided. It can't be usefully 
>> used without masking in a script unless you use fixed addresses for 
>> DTUs. If you want to make a per-DTU decision, you can use the 
>> terminal_cid, which is a constant based on the MAC address of the DTU 
>> (e.g. IEEE802.080020010203 for a MAC of 080020010203).
>>
>> -Bob
>>
>> CJ Keist wrote:
>>> I'm still working on getting this work.  Here is what I'm running up 
>>> against now.
>>>
>>> I have a test sunray group, TEST-A, setup in kiosk mode running just 
>>> a web broswer.  I have it setup with AMGH so that when you insert a 
>>> smart card it will connect you to our main sunray server group, 
>>> FOG-A.  That part works fine. The problem is that when I remove my 
>>> card the DTU remains connected to the FOG-A servers.  My setup:
>>>
>>> TEST-A -
>>>     Network:
>>>             VLAN 192.168.129.0  (test kiosk network)
>>>             VLAN 192.168.100.3  (Connection to our FOG-A network)
>>>                  129.xx.xxx.xxx (regular network)
>>>             Server is configure with out dedicated interconnects.
>>>             IP forwarding is enabled
>>> FOG-A -
>>>     Network:
>>>             VLAN 192.168.100.0 (FOG-A network)
>>>                  129.xx.xxx.xxx (regular network)
>>>             Servers are configured with dedicated interconnects to the
>>>             192.168.100.0 VLAN.
>>>
>>>     Here is the AMGH script on my test kiosk server:
>>>
>>> #!/bin/sh
>>> DBFILE=/opt/SUNWutref/amgh/back_end_db
>>> OUTPUT=/opt/SUNWutref/amgh/out.txt
>>>
>>> # parse the args into shell vars
>>> while read A
>>> do
>>>     eval "$A"
>>> done
>>> touch $OUTPUT
>>> echo "UserName: $username">>$OUTPUT
>>> echo "Token: $token" >>$OUTPUT
>>> echo "Terminal CID: $terminal_cid">>$OUTPUT
>>> echo "Terminal IP: $terminal_ip_addr">>$OUTPUT
>>> echo "Insert Token: $insert_token">>$OUTPUT
>>> echo "Display: $display">>$OUTPUT
>>>
>>> # if a username is provided
>>> if [ -n "$username" ]
>>> then
>>>     echo "host=192.168.100.1"
>>>     exit 0
>>> fi
>>> exit 0
>>>
>>>     This works as I said.  I can put in my smart card and it does 
>>> connect to our FOG-A servers and finds my session.
>>>
>>> On our FOG-A servers here is the AMGH script they run:
>>>
>>> #!/bin/sh
>>> OUTPUT=/opt/SUNWutref/amgh/out.txt
>>> # parse the args into shell vars
>>> while read A
>>> do
>>>     eval "$A"
>>> done
>>> touch $OUTPUT
>>> echo "UserName: >>$username<<">>$OUTPUT
>>> echo "Token: $token" >>$OUTPUT
>>> echo "Terminal CID: $terminal_cid">>$OUTPUT
>>> echo "Terminal IP: $terminal_ip_addr">>$OUTPUT
>>> echo "Insert Token: $insert_token">>$OUTPUT
>>> echo "Display: $display">>$OUTPUT
>>>
>>> if [ "$username" = "" -a "$terminal_ip_addr" = "192.168.100.3" ]
>>> then
>>>     echo "Send Use First">>$OUTPUT
>>>     echo "host=192.168.100.3"
>>>     #echo "use_firstserver=true"
>>> fi
>>> exit 0
>>>
>>>      This doesn't work.  I have tried both the setting host ip and 
>>> the use_firstserver flag.  Here is the debug output of the server my 
>>> test DTU connects to after I pull my card:
>>>
>>> UserName: >><<
>>> Token: pseudo.00144fb1d1ef
>>> Terminal CID: IEEE802.00144fb1d1ef
>>> Terminal IP: 192.168.100.3
>>> Insert Token: pseudo.00144fb1d1ef
>>> Display: :39
>>> Send Use First
>>>
>>>
>>> It is the same if I use the "use_firstserver" flag as well.  The DTU 
>>> is not connecting back to my test kiosk server for some reason. Any 
>>> ideas why?  Is it that the DTU is suppose to pickup the echo 
>>> statements and know what to do?
>>>
>>>
>>> ------------------------------------------------------------------------ 
>>>
>>>
>>> _______________________________________________
>>> SunRay-Users mailing list
>>> SunRay-Users at filibeto.org
>>> http://www.filibeto.org/mailman/listinfo/sunray-users
>>>   
>>
>> _______________________________________________
>> SunRay-Users mailing list
>> SunRay-Users at filibeto.org
>> http://www.filibeto.org/mailman/listinfo/sunray-users
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> SunRay-Users mailing list
> SunRay-Users at filibeto.org
> http://www.filibeto.org/mailman/listinfo/sunray-users
>

More information about the SunRay-Users mailing list