[CentOS] firewalled NFS

Tue Jun 3 23:53:10 UTC 2008
Jay Leafey <jay.leafey at mindless.com>

Jordi Prats wrote:
> Hi,
> I'm trying to set up a firewalled NFS server. I've configured my server
> (CentOS 5) using the following parameters
> /etc/sysconfig/nfs
> MOUNTD_NFS_V1="no"
> MOUNTD_NFS_V2="no"
> RQUOTAD_PORT=875
> LOCKD_TCPPORT=32803
> LOCKD_UDPPORT=32769
> RPCNFSDCOUNT=64
> MOUNTD_PORT=892
> STATD_PORT=662
> STATD_OUTGOING_PORT=2020
> SECURE_NFS="yes"
> 
> 
> modprobe.conf:
> options lockd nlm_udpport=4001 nlm_tcpport=4001
> 
> 
> But it does not mount it:
> # mount 172.20.0.150:/tmp/ /mnt/tmp/
> mount: mount to NFS server '172.20.0.150' failed: timed out (giving up).
> 
> Is there anything else I must set up to use fixed ports?
> 
> Thanks,

It may be an obvious question, but did you open the ports in iptables? 
I use a similar scheme on my NFS servers to "fix" the ports and it just 
doesn't work at ALL unless those ports are opened up in iptables.  I use 
different ports, but here are the lines I inserted into my 
/etc/sysconfig/iptables file to get NFS working on the server:

> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT

You'll have to alter the '--dports' and '-s' parameters to match the 
ports and IP address range you are using.

Hope that helps!
-- 
Jay Leafey - Memphis, TN
jay.leafey at mindless.com
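
An added example, not part of the original post: a small check that compares the ports pinned in /etc/sysconfig/nfs with the destination ports an iptables rules file accepts, and lists what is still closed. The function names are hypothetical, the sample input is copied from the thread, and the check looks at ports only (it ignores the `-s` source restriction).

```python
import re
import shlex

# /etc/sysconfig/nfs variables that pin a listening port -> protocols they apply to.
# STATD_OUTGOING_PORT is a source port for outbound traffic, so it needs no inbound rule.
PORT_VARS = {"RQUOTAD_PORT": ("tcp", "udp"), "MOUNTD_PORT": ("tcp", "udp"),
             "STATD_PORT": ("tcp", "udp"), "LOCKD_TCPPORT": ("tcp",),
             "LOCKD_UDPPORT": ("udp",)}
ALWAYS = (111, 2049)  # portmapper and nfsd
# Sample input: values taken from the thread above.
SYSCONFIG = """\
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
"""
RULES = """\
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -m multiport -p tcp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -m multiport -p udp -s 192.168.1.0/24 --dports 111,2049,4000,4001,4002,4003 -j ACCEPT
"""

def required_ports(sysconfig_text):
    """Ports the NFS services will listen on, per protocol."""
    need = {"tcp": set(ALWAYS), "udp": set(ALWAYS)}
    for line in sysconfig_text.splitlines():
        m = re.match(r'\s*([A-Z_]+)="?(\d+)"?\s*$', line)
        if m and m.group(1) in PORT_VARS:
            for proto in PORT_VARS[m.group(1)]:
                need[proto].add(int(m.group(2)))
    return need

def allowed_ports(iptables_text):
    """Destination ports accepted by --dport/--dports rules, per protocol."""
    allowed = {"tcp": set(), "udp": set()}
    for line in iptables_text.splitlines():
        tok = shlex.split(line, comments=True)
        if "ACCEPT" not in tok or "-p" not in tok:
            continue
        proto = tok[tok.index("-p") + 1]
        for flag in ("--dport", "--dports"):
            if flag in tok and proto in allowed:
                for part in tok[tok.index(flag) + 1].split(","):
                    lo, _, hi = part.partition(":")  # ranges are written lo:hi
                    allowed[proto].update(range(int(lo), int(hi or lo) + 1))
    return allowed

def missing_ports(sysconfig_text, iptables_text):
    need, have = required_ports(sysconfig_text), allowed_ports(iptables_text)
    return {p: sorted(need[p] - have[p]) for p in need}
```

Calling `missing_ports(SYSCONFIG, RULES)` on the sample shows that the rules quoted in the reply, used unchanged with the ports from the question, would leave the mountd, statd, rquotad and lockd ports closed.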