Koozali.org: home of the SME Server

howto add offsite network to trusted side of sme

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
howto add offsite network to trusted side of sme
« on: March 07, 2006, 07:10:25 PM »
hello,

I have ran into a problem. Here is the layout-

Site A -
Network: 172.17.0.0 255.255.0.0
Router / gateway: 172.17.1.254
dhcp: 172.17.5.1-172.17.8.254
servers:172.17.2.1-254
sme server: 172.17.1.1 (gateway set to 172.17.1.254)
*this site has the sme server*

====
T1 connects the 2 locations, p2p
====

Site B -
Network: 172.18.0.0 255.255.0.0
Router / gateway: 172.18.1.254
dhcp: 172.18.5.1-172.18.8.254
servers:172.18.2.1-254

From Site A, I have no problems. I can ping the IP of the sme server, I can use email and etc.

From Site B, I can not ping the SME server. However, I can ping EVERY other server/machine at Site A and have no problem passing different services between the 2.

There are currently NO access lists on the routers and routing is only setup to pass 172.17.0.0 255.255.0.0 to 172.18.0.0 255.255.0.0 and vice versa.

So I know that SME is too secure or needs the 172.18.0.0 255.255.0.0 added as "trusted" so that they can use it as an email server.
Trey - Network Specialist......

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
Figured it out
« Reply #1 on: March 07, 2006, 07:46:38 PM »
Hello,

I found the root of my problem. When I originally tried to add site B to the local networks it must have errored out. I tried to put in the following entry but it froze:

ip - 172.18.0.0
subnet - 255.255.0.0
router - 172.17.1.254

So when I went to local networks only 172.17.0.0 255.255.0.0 showed up, which is normal. When I looked at the apache and httpd-admin config files it was adding 172.18.0.0 255.255.0.0 eventhough it wasn't showing up in server manager.

I tried adding the above local network for side B back in and it accepted it this time. When I looked at the apache and httpd-admin config files again 172.18.0.0 255.255.0.0 was duplicated. So I manually took out the 2nd entry of it and then restarted apache and httpd-admin and everything is working now.

I just gotta figure out how to change that template ;)

Any help on that would be of great help. Thank You in Advance.
Trey - Network Specialist......

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
tried something else
« Reply #2 on: March 07, 2006, 08:17:50 PM »
Before I had accidentally added a local network that wasn't supposed to be there and it wasn't showing up in server manager. Of course this was on a different server and Charlie Brady Helped me. Here were his instructions:

====================
Login at the console, and access the manager and delete that network.

If the manager isn't accessable, then do:

/sbin/e-smith/db networks delete 69.8.x.x
/sbin/e-smith/signal-event post-upgrade
/sbin/e-smith/signal-event reboot
====================

I tried running the above but updating the 69.8.x.x with 172.18.0.0 but that still didn't work. After reboot there are 2 entries of 172.18.0.0/255.255.0.0 in:
/etc/httpd/admin-conf/httpd.conf
/etc/httpd/conf/httpd.conf

I am not familiar with customizing templates, I'll keep doing research but any help will be greatly appreciated.
Trey - Network Specialist......

Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: tried something else
« Reply #3 on: March 07, 2006, 08:49:52 PM »
Quote from: "treyh"
/sbin/e-smith/db networks delete 69.8.x.x


What does it say when you issue the following command:
Code: [Select]
/sbin/e-smith/db networks show
Is there perhaps some duplicate information there? My guess is that the double entry is a result of a duplicate entry in the database as most templates take configuration data from the database instead of hardcoding them.

The problem with you manual remove (as stated in an earlier post) will probably be lost when you do updates and the templates are expanded again.
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
response
« Reply #4 on: March 07, 2006, 09:56:07 PM »
[root@mail root]# /sbin/e-smith/db networks show
172.17.0.0=network
    Mask=255.255.0.0
    SystemLocalNetwork=yes
172.18.0.0=network
    Mask=255.255.0.0
    Router=172.17.1.254
[root@mail root]#


So does this mean that it's in the template?
Trey - Network Specialist......

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
interesting
« Reply #5 on: March 07, 2006, 11:10:05 PM »
I just rebooted this server and everything seems to be working now, very interesting  :pint:  :pint:
Trey - Network Specialist......

Offline treyh

  • ***
  • 116
  • +0/-0
    • http://www.wilnet1.com
Problem Returns
« Reply #6 on: March 08, 2006, 03:49:37 PM »
Good Moring  :hammer:

The problem returned this morning.

The database is not showing duplicates either.

Also I have Squid/ Dansguardian setup and browsing the internet is also running very slow.
Trey - Network Specialist......