[K12OSN] solved--K12LTSP server won't give non-terminals web access

David D. Nelson nelsda at yahoo.com
Wed Dec 6 05:23:11 UTC 2006 

--- "David D. Nelson" <nelsda at yahoo.com> wrote:

> I tried pinging from a windows workstation and was
> able to ping using the dns hostname. I even tried a
> hostname which I'm shure I have never visited with
> that computer and it worked. When I try to browse I
> get an "Invalid Request" error and then something
> about some aspect of the HTTP request being invalid.
> 
> I have a standard setup of K12LTSP with the LTSP box
> connected to the internet on eth1 and the local
> network on eth0. The server provides dhcp to the
> internal network and routing for any workstations I
> hook to the internal network so they have full
> access
> to the outside world. I want to be able to bring in
> a
> laptop, forexample, and hook it in, let dhcp assign
> the IP and such and let the computer browse the net.
> 
> I followed what Eric suggested below but it still
> doesn't work.
> 
> Any other ideas or do you know of a generic set of
> config files I could compare mine to?
> 
> Thank you.
> 
> 
> --- Jack Palmadesso <jack.palmadesso at gmail.com>
> wrote:
> 
> > try pinging something on the internet via its ip
> > address.  Then try
> > pinging with a dns hostname.  If the ip works but
> > the name does not
> > then your dns settings on the workstations are the
> > problem.
> > 
> > On 12/1/06, Jack Palmadesso
> > <jack.palmadesso at gmail.com> wrote:
> > > Check DNS settings on the Workstations
> > >
> > > On 11/29/06, Eric Harrison
> > <eharrison at mail.mesd.k12.or.us> wrote:
> > > > David D. Nelson wrote:
> > > > > I was trying to troubleshoot a problem of a
> > dropped
> > > > > internet connection from my K12LTSP server
> so
> > I
> > > > > temporarally turned off the firewall using
> the
> > > > > security GUI applet. When I re-enabled the
> > firewall I
> > > > > lost the ability for workstations (not
> > terminals) to
> > > > > connect to the internet. When I turn on
> squid
> > and
> > > > > redirect the workstations to use the proxy
> > they are
> > > > > always denied access. I decided to rebuild
> the
> > server
> > > > > with K12LTSP 6b7 and I find that
> workstations
> > still
> > > > > don't have access to the internet. The
> server
> > is the
> > > > > gateway and dhcp for the network.
> > > >
> > > > All of the IPTables manipulation specific to
> > K12LTSP is setup as
> > > > services. There is nat (Network Address
> > Translation), iptables-k12ltsp
> > > > (permit all traffic on eth0, where the
> terminals
> > are), and
> > > > transparent-proxying (redirect web traffic to
> > squid/squidGuard).
> > > >
> > > > If you have the default setup (terminals on
> > eth0, network/internet
> > > > access on eth1), you can just make sure that
> > these services are enabled
> > > > and started. Such as:
> > > >
> > > >         /sbin/chkconfig nat on
> > > >         /sbin/service nat restart
> > > >
> > > >         /sbin/chkconfig iptables-k12ltsp on
> > > >         /sbin/service iptables-k12ltsp restart
> > > >
> > > >         /sbin/chkconfig transparent-proxying
> on
> > > >         /sbin/service transparent-proxying
> > restart
> > > >
> > > > > What do I need to change and where do I look
> > to change
> > > > > it. Also, I need some direction on where I
> can
> > find a
> > > > > relatively simple guide to firewall settings
> > and how
> > > > > to securely set up a mail server and web
> > server on my
> > > > > K12LTSP box unless it would be best to
> > dedicate
> > > > > another computer to the job. No more than 10
> > > > > terminals/workstations are on this network.
> > > > >
> > > > > Thank you.
> > > > >
> > > > >
> > > >
> > > > The simplest is to use the built-in tool:
> > > >
> > > >         System -> Administration -> Security
> > Level and Firewall
> > > >
> > > > If you reload the firewall, be sure to restart
> > nat, iptables-k12ltsp,
> > > > and/or transparent-proxying.
> > > >
> > > >
> > > > -Eric
> > > >
> > > >
> _______________________________________________
> > > > K12OSN mailing list
> > > > K12OSN at redhat.com
> > > > https://www.redhat.com/mailman/listinfo/k12osn
> > > > For more info see <http://www.k12os.org>
> > > >
> > >
> > 
> > _______________________________________________
> > K12OSN mailing list
> > K12OSN at redhat.com
> > https://www.redhat.com/mailman/listinfo/k12osn
> > For more info see <http://www.k12os.org>
> > 
> 
> 
> David D. Nelson
> nelsda at yahoo.com
> 
> 
>  
>
____________________________________________________________________________________
> Do you Yahoo!?
> Everyone is raving about the all-new Yahoo! Mail
> beta.
> http://new.mail.yahoo.com
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 


David D. Nelson
nelsda at yahoo.com


 
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com

More information about the K12OSN mailing list