Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: stukirk on May 30, 2007, 06:12:45 PM
-
Hi,
Upgrading a 7.1.3 from server only to privateserver-gateway and have encountered some problems....
I can connect to internet on the sme server and the test internet works.... BUT I can't seem to browse internet etc from client Windows machines... email samba etc all working fine....
There is a ip setting in the "Corporate DNS" box of my router's ip address which I think might be part of the problem? I can't seem to delete this as if I do and reboot etc then the setting is still there after? I can change it to something else and it stays but then nothing works....
Could this be my problem? if so any idea how I can change this without using the setup screens? If this isn't the problem any idea where else I can look? I have a machine working at home with the same settings fine but this client machine is driving me up the wall!!!
This is my first time in posting since using the SME V5 and have always found an answer before but this one has got me stumped...
Thanks,
Stu
-
hey stukirk,
these questions may help you find the fix...
are the ip settings for the client coming from the server? dhcp? is your client gateway address the server, and the dns servers also the server?
what about if you fix the ip on the client with the gateway and dns addresses from the server?
how is the server connected to the internet? if a router can you ping or browse to the router from the client?
some more details might help us help you to identify the problem...
-
Hi,
Managed to remove the Corporate DNS setting using the web interface rather than the setup menu. Unfortunatly it has not helped the situation to help here is the setup:
Modem/router 192.168.1.1 DHCP Server giving fixed IP Address to SME Server of 192.168.1.101 And has a DMZ area given to the SME Server.
|
|
SME Server 192.168.0.5 DHCP Server for local network Connecting to router.
|
---------- Switch-----------
| | | |
XP Windows PC's with auto DHCP gateway address set as 192.168.0.5
The problem lies it seems with the seems the server can connect to internet fine send receive emails updates all fine. The PC's can connect to the server fine for Samba and email IMAP connection but can't browse through to the outside world? I am assuming all network drivers are working as I have connection etc. I can ping the router from the SME but not the PC's (Router has security protocol of having to be in the same IP range to connect and ping) can plug direct into the router with fixed ip to administer the router (and at the moment connect to net)....
Hope someone can help shed some light on this as I have the same setup at two sites and one works one doesn't!????
Cheers,
Stu
-
Hi,
I have managed to get the xp machines accessing the net but had to get them going through auto proxy on firefox to get access? if I turn off the http proxy setting in admin panel I get no connection??? this proves to be more of an issue as I have some old windows apps that need to access but can't go through proxys.......
Any ideas??????
Stu
-
what is the dns setting on your clients?
can you ping the outside world - maybe try pinging google.com and then 72.14.207.99 (google.com's ip).
do you get responses from either? what about if you set your dns on the clients to your isp (for testing purposes).
did you install any proxy stuff? non-standard, i mean.
by default the http proxy on the server is on (this maybe the difference between serveronly and servergateway) - this is transparent and shouldn't affect your applications.
-
Hi,
Right, I have tried pinging from the client pc to google.com, google's ip address and also my internet providers dns servers. and changing over to fixed ip addresses and dns settings for isp and still host not reached....... I can connect to anywhere on the sme server. I can browse web on client pc's but have to set the browser to auto configure proxy (rather than direct connection) to work.
I have not installed any special things on this machine. It is an old server that was v5 e-smith days that had been upgraded normally over time. When going to V7.1 I backed all up and did a upgrade disk change as suggested in the manual onto a new drive installed with V7. everything worked fine.... was using only as a server only at that time. now changing to server gateway something somewhere seems to be blocking traffic.
The only contrib installed is the AFFA backup (this is on a separate stand alone machine backing up from this server). Everything else is standard. I just wonder if there was an old setting somewhere for proxy that has clicked in but is now obsolete. Is there any commands I can run to output any of this to give more detail?
I have been using linux and sme for years but not too familiar with the pure network background as it has just worked fine for years. I have another machine with same settings that works fine but it was a new machine with V7.1 rather than upgrading older machine.... could this be the problem? I don't have the option of dropping the old data as there is about 80gb of important company files and emails there and would take a long time to transfer everything and don't want to miss anything!
Hope someone can help?????
Stu
-
I have managed to get the xp machines accessing the net but had to get them going through auto proxy on firefox to get access? if I turn off the http proxy setting in admin panel I get no connection???
That's a pretty clear indication that they are not using the SME server as their default gateway. They either have static IP settings, are using a DHCP server other than the SME server, or the SME server is issuing DHCP leases with the wrong default gateway setting. You need to work out which is true.
-
Right...... my SME Server Private Gateway is IP 192.168.0.5
Windows Client Connection status is:
Physical Address: 00-16-D3-27-5A-3D
IP Address: 192.168.0.96
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.0.5
DHCP Server: 192.168.0.5
Lease Obtained: 08/06/2007 09:38:32 am
Lease Expires: 09/06/2007 09:38:32 am
DNS Server: 192.168.0.5
WINS Server: 192.168.0.5
I am not an absolute expert but that seems to be right by me?
I have managed to dump all settings with a db configuration show command and have removed any big sections I know can't effect anything (clamd etc) and attach below:
It looks like there are some old legacy settings in there in places and don't know if that might be affecting things????
Hope someone can help me decypher this????
Not sure if this should be registered as a bug???????
Cheers,
Stu
REPLACED ANYTHING SECURE/SENSITIVE WITH ********************
AccessType=dedicated
ActiveAccounts=11
ConsoleMode=login
ContactEmail=********************
ContactName==********************
ContactOrg==********************
DHCPClient=d
DelegateMailServer=
DialupConnOffice=medium
DialupConnOutside=short
DialupConnWeekend=short
DialupFreqOffice=every15min
DialupFreqOutside=everyhour
DialupFreqWeekend=everyhour
DialupModemDevice=/dev/ttyS0
DialupPhoneNumber=9,08089933275
DialupUserAccount==********************
DialupUserPassword==********************
DomainName==********************
DynDNS=service
Account=dnsaccount
Password=dnspassword
status=disabled
DynDnsAccount=dnsaccount
DynDnsPassword=dnspassword
DynDnsService=off
EmailUnknownUser=admin
EthernetAssign=normal
EthernetDriver1=dl2k
EthernetDriver2=e100
ExternalDHCP=on
ExternalIP=192.168.1.101
ExternalInterface=interface
Broadcast=192.168.0.255
Configuration=DHCPEthernetAddress
Driver=e100
Gateway=
IPAddress=192.168.1.101
Name=eth1
Netmask=255.255.255.0
Network=192.168.0.0
ExternalNetmask=255.255.255.0
InternalInterface=interface
Broadcast=192.168.0.255
Configuration=static
Driver=dl2k
IPAddress=192.168.0.5
NICBondingOptions=miimon=200 mode=active-backup
Name=eth0
Netmask=255.255.255.0
Network=192.168.0.0
LocalDomainPrefix=
LocalIP=192.168.0.5
LocalNetmask=255.255.255.0
MinUid=5000
PasswordSet=yes
PreviousConfiguration=/home/e-smith/configuration.previous
SMTPSmartHost==********************
SquidParent=
SquidParentPort=
StatusReports=off
SystemMode=servergateway-private
SystemName=fileserver
TimeZone=Europe/London
UnsavedChanges=no
WebServerName==********************
acpid=service
status=enabled
apmd=service
status=enabled
atalk=service
InitscriptOrder=91
MaxClients=20
status=enabled
backup=service
BackupType=desktop
Program=flexbackup
backupTime=23:55
reminderTime=13:00
status=enabled
blades=service
Host=service.e-smith.com
status=enabled
bootstrap-console=service
ForceSave=no
InitscriptOrder=35
Run=no
status=enabled
cpuspeed=service
status=disabled
crond=service
InitscriptOrder=40
status=enabled
ctrlaltdel=service
status=enabled
dhcpd=service
Bootp=deny
InitscriptOrder=65
end=192.168.0.99
start=192.168.0.50
status=enabled
dnscache=service
Forwarder=
Forwarder2=
TCPPort=53
UDPPort=53
access=private
status=enabled
dnscache.forwarder=service
status=enabled
ftp=service
LoginAccess=private
TCPPort=21
access=private
status=disabled
haldaemon=service
status=enabled
horde=service
DbPassword==********************
imp=installed
status=disabled
httpd-admin=service
InitscriptOrder=86
PermitPlainTextAccess=no
TCPPort=980
TKTAuthSecret==********************
ValidFrom=
access=localhost
status=enabled
httpd-e-smith=service
InitscriptOrder=85
TCPPort=80
access=private
status=enabled
hwconfig=configuration
CPUFamily=6
MemTotal=196173824
SMPCapable=no
imp=service
access=SSL
status=disabled
ippp=service
InitscriptOrder=55
status=disabled
irqbalance=service
status=enabled
isdn=service
Protocol=2
UseSyncPPP=yes
UserSyncPPP=yes
status=disabled
klogd=service
status=enabled
lilo=service
AddressMode=linear
DefaultKernel=Mitel-SME-up
local=service
InitscriptOrder=99
status=enabled
lpd=service
InitscriptOrder=60
status=enabled
masq=service
DenylogTarget=drop
InitscriptOrder=06
Logging=none
Stealth=no
Trace=disabled
pptp=yes
status=disabled
maxAcctNameLength=31
maxGroupNameLength=31
messagebus=service
status=enabled
microcode_ctl=service
status=enabled
modPerl=service
status=disabled
modSSL=service
CipherSuite=ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
TCPPort=443
access=private
status=enabled
mysql.init=service
InitscriptOrder=99
status=enabled
mysqld=service
InitscriptOrder=90
LocalNetworkingOnly=yes
status=enabled
named=service
RndcKey=sulqdNAocXDpJHsCwfSZpjGyhEoOr0hdNxdzPJGSSLmwB0hPsrpHmcrOiX0q
chroot=yes
status=enabled
network=service
InitscriptOrder=10
status=enabled
nmbd=service
UDPPorts=137,138
access=private
status=enabled
ntpd=service
InitscriptOrder=55
MemLimit=12000000
NTPServer=
SyncToHWClockSupported=yes
status=enabled
nut=service
MasterPass=GgK0Caff+fm8rF+D1X5ZZo/7n6QDrgPvVa3hEbNmF4TVwpRXFdrr5od55WbYPf35tHGxG59XWO+C
Model=newhidups
SlavePass=nlxRFGf0Duqs9oPY1m3TVJL/BL4hAHD157qxOB1ggqv6XBARiIysikYJ6u6/gA+4GfGxFt5Owfub
status=disabled
oidentd=service
TCPPort=113
access=private
status=enabled
pam_abl=service
status=disabled
pam_tally=service
status=disabled
passwordstrength=configuration
Admin=none
Ibays=none
User=none
Users=strong
php=service
AllowUrlFopen=Off
status=enabled
pppoe=service
DemandIdleTime=no
InKernel=no
InitscriptOrder=57
SynchronousPPP=no
status=disabled
pptpd=service
TCPPort=1723
access=public
sessions=1
status=enabled
qmail=service
InitscriptOrder=80
MaxMessageSize=15000000
status=enabled
qpsmtpd=service
Bcc=disabled
BccMode=cc
BccUser=maillog
DNSBL=disabled
LogLevel=8
MaxScannerSize=25000000
RBLList=sbl-xbl.spamhaus.org:whois.rfc-ignorant.org:dnsbl.njabl.org
RHSBL=disabled
RequireResolvableFromHost=no
SBLList=dsn.rfc-ignorant.org
access=public
status=enabled
radiusd=service
status=enabled
raidmonitor=service
status=enabled
random=service
InitscriptOrder=20
status=enabled
serial-console=service
BaudRate=19200
Device=ttyS1
status=disabled
smb=service
DeadTime=10080
DomainMaster=yes
InitscriptOrder=91
KeepVersions=disabled
OpLocks=enabled
RecycleBin=disabled
RoamingProfiles=no
ServerName=fileserver
ShadowCount=10
ShadowDir=/home/e-smith/files/.shadow
UnixCharSet=ISO8859-1
UseClientDriver=yes
Workgroup=e-smith
status=enabled
smbd=service
TCPPorts=139,445
access=private
status=enabled
smtp-auth-proxy=service
Debug=0
Passwd=
Userid=
status=disabled
smtpd=service
Authentication=disabled
ExternalInterfacesFilter=/var/qmail/bin/qmail-spamc
Instances=40
InstancesPerIP=5
InternalInterfacesFilter=/var/qmail/bin/qmail-spamc
MaximumDateOffset=0
PatternsScan=disabled
Proxy=enabled
RBLList=bl.spamcop.net:dynablock.njabl.org:sbl-xbl.spamhaus.org
TCPPort=25
TCPProxyPort=25
VirusScan=enabled
access=private
status=enabled
tnef2mime=enabled
sqpsmtpd=service
access=public
status=enabled
squid=service
EnforceSafePorts=no
InitscriptOrder=90
SafePorts=21,70,80,81,119,210,443,563,980,1024-65535
TCPPort=3128
TCPProxyPort=80:3128
TransparentPort=3128
access=private
status=enabled
sshd=service
InitscriptOrder=85
MaxAuthTries=2
PasswordAuthentication=yes
PermitRootLogin=yes
Protocol=2,1
TCPPort=22
UsePAM=yes
access=private
status=enabled
ssmtpd=service
Authentication=enabled
Instances=10
TCPPort=465
access=private
status=enabled
statusreport=service
DayOfWeek=5
Hour=9
Minute=40
status=enabled
sysconfig=configuration
InstallEpoch=1178723698
KernelArch=i686
KeyboardType=pc
Keytable=uk
Language=en_US
PreviousSystemMode=servergateway-private
Registration=none
ReleaseVersion=7.1.3
SoftwareRaid=no
SystemID=0CC5F12A-FE40-11DB-BA78-FF7BBC73046B
syslog=service
InitscriptOrder=05
LogAll2VT6=no
status=enabled
telnet=service
PermitRootLogin=yes
access=private
status=disabled
testing=service
destruction=0
tinydns=service
UDPPorts=53
access=localhost
status=enabled
viewlogfiles=configuration
DefaultOperation=view
wan=service
status=enabled
xinetd=service
InitscriptOrder=50
status=enabled
yum=service
AutoInstallUpdates=disabled
EnableGroups=0
GPGCheck=0
PackageFunctions=disabled
RandomDelay=120
status=enabled
-
Just to also clarify, I have another SME server on the network set to server only as an AFFA machine with fixed ip and gateway of the SME 192.168.0.5 and it too can't ping the outside world?
It is almost like there is something blocking direct access unless I use a browser and autoconfigure the proxy settings in it????
I am getting quite lost here, any suggestions????
Stu
-
192.168.1.X on external interface and 192.168.0.X on internal interface. I tried this myself once and it looks like it should work but I also had connection problems.
Re-configure the server through the admin console and try totally different IP's like:
192.168.1.101 on the external interface and
10.0.0.5 on the internal.
-
Right.... been trying things to no avail so switched that server back to server only mode. Installed SME7.1 on a new machine, ran all the updates configured just as the other machine but with no email, no ibays, no users apart from admin and the same networking details as before. all works fine....????
this brings me back to thinking it is a legacy setting coming through on the update/restore......???
Is there a simple way of restoring users/email/ibays without all the rest of the config or am I just better off setting up the users again and copying the data across? I want to avoid as much manual copying as possible as it could go screwwy and is 80gb and I don't have time to down the server for a few days I seem to only get a couple of hours max for any downtime....
Ideas? on how to sort the config on the old machine or copy the data across???
Cheers,
Stu