On 11/20/20 11:31 AM, Michael B Allen wrote:
I can't log into a desktop with an nfs home dir without punching a reverse hole in my firewall? That shouldn't be.
I'm pretty sure your client is using NFSv3, and the ports you need opened are for RPC, and they *are* dynamic (so the next time these systems reboot, you'd probably need to open different ports, or the correct range of ports).
The easiest solution would be to use NFSv4, and not to adjust your firewall at all.