Hi All, I''m using shorewall on my laptop(2 NIC) to connect my desktop to the Internal LAN. For some reason, MS''s SQL query analyser is not able to connect to the SQL server. I alway get the "Server does not exist" I even tried to connect to it using IP address rather than netbios name and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc) I think it might have something to do with kerberos. (I see connections to port 445 and 88) Where should I start troubleshooting? I''ve already This is shorewall 2.07 on Gentoo linux. -- Ow Mun Heng Gentoo/Linux on DELL D600 1.4Ghz 98% Microsoft(tm) Free!! Neuromancer 13:09:21 up 3:28, 6 users, load average: 0.85, 0.67, 0.46
Ow Mun Heng wrote:> Hi All, > > I''m using shorewall on my laptop(2 NIC) to connect my desktop to the > Internal LAN. > > For some reason, MS''s SQL query analyser is not able to connect to the > SQL server. I alway get the "Server does not exist" > > I even tried to connect to it using IP address rather than netbios name > and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc) > I think it might have something to do with kerberos. (I see connections > to port 445 and 88) > > Where should I start troubleshooting? I''ve alreadyStep 1. shorewall clear If it works...it is probably a rules/policy issue. Check out the FAQ''s and the shorewall site for "Before Reporting a Problem or Asking a Question". (Follow the "Support" link on the left frame). If it doesn''t work...start looking someplace else. -- "A common mistake that people make when trying to design something completely foolproof was to underestimate the ingenuity of complete fools." --Ford Prefect in "Mostly Harmless".
On Thu, 2005-04-07 at 14:12 +0800, Ed Greshko wrote:> > Ow Mun Heng wrote: > > Hi All, > > > > I''m using shorewall on my laptop(2 NIC) to connect my desktop to the > > Internal LAN. > > > > For some reason, MS''s SQL query analyser is not able to connect to the > > SQL server. I alway get the "Server does not exist" > > > > I even tried to connect to it using IP address rather than netbios name > > and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc) > > I think it might have something to do with kerberos. (I see connections > > to port 445 and 88) > > > > Where should I start troubleshooting? I''ve already > > Step 1. > > shorewall clearNope. Doesn''t work. Will try looking someplace else> > If it works...it is probably a rules/policy issue. Check out the FAQ''s > and the shorewall site for "Before Reporting a Problem or Asking a > Question". (Follow the "Support" link on the left frame). > > If it doesn''t work...start looking someplace else. >-- Ow Mun Heng Gentoo/Linux on DELL D600 1.4Ghz 98% Microsoft(tm) Free!! Neuromancer 17:35:10 up 7:54, 5 users, load average: 0.49, 0.38, 1.21
Ed Greshko wrote:>> >> I even tried to connect to it using IP address rather than netbios name >> and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc) >> I think it might have something to do with kerberos. (I see connections >> to port 445 and 88) >> >> Where should I start troubleshooting? I''ve already > > Step 1. > > shorewall clear > > If it works...it is probably a rules/policy issue. Check out the FAQ''s > and the shorewall site for "Before Reporting a Problem or Asking a > Question". (Follow the "Support" link on the left frame). > > If it doesn''t work...start looking someplace else. >This is only true if the Shorewall box is not doing NAT -- if it is doing any form of NAT (for example, SNAT or MASQUERADE), then "shorewall clear" will prevent ANY access to the internal lan from the desktop system. Possibly other users have experience (good or bad) with running MSSql through a NAT box -- I''m aware that some MS networking products have difficulty in that environment. As for using netbios names vs. IP addresses; any time that you interject a router (any type of router) in a Microsoft network then you must use WINS, have a recent PDC, or use Active Directory if you want access by netbios names to work properly. The OP might consider configuring the Laptop as a Bridge/Firewall (http://shorewall.net/bridge.html) rather than as a router. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Thu, 2005-04-07 at 09:17 -0700, Tom Eastep wrote:> Ed Greshko wrote: > > >> > >> I even tried to connect to it using IP address rather than netbios name > >> and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc) > >> I think it might have something to do with kerberos. (I see connections > >> to port 445 and 88) > > > Step 1. > > > > shorewall clear > >> This is only true if the Shorewall box is not doing NAT -- if it is > doing any form of NAT (for example, SNAT or MASQUERADE), then "shorewall > clear" will prevent ANY access to the internal lan from the desktop system.Right.. I thought about this _after_ the fact.> > Possibly other users have experience (good or bad) with running MSSql > through a NAT box -- I''m aware that some MS networking products have > difficulty in that environment. >If any does, please provide comments.> As for using netbios names vs. IP addresses; any time that you interject > a router (any type of router) in a Microsoft network then you must use > WINS, have a recent PDC, or use Active Directory if you want access by > netbios names to work properly.The Existing network _is_ a microsoft network which has LDAP Active Directory and WINS. (I do notice that I cannot on the desktop, just do a ping computerA but must do ping computerA.domain.com And even then it sometimes doesn''t work.> > The OP might consider configuring the Laptop as a Bridge/Firewall > (http://shorewall.net/bridge.html) rather than as a router.I''ll take a look at this later on when I get I-net access. I believe the difference would be that I won''t be doing NAT right? What would be the affect if I have a Switch/Hub from the Laptop to like 10 Desktops? Would the Bridge function as well? Ps : No I-Net access currently till later @ Home> > -Tom-- Ow Mun Heng Gentoo/Linux on DELL D600 1.4Ghz 98% Microsoft(tm) Free!! Neuromancer 10:46:29 up 1 day, 1:05, 7 users, load average: 0.31, 0.35, 0.51