NFS thru firewall

[zanon]

Hi,
recently I tried to mount NFS share on FreeNAS with real IP from CentOS based in private network through PF-sense NAT and got the following error :

Sep 23 20:47:07 tank mountd[2826]: mount request from 94.*.*.1 from unprivileged port​

any idea how could resolve this issue would be greatly appreciated.

 

[dlavigne]

Did you run the mount command as root?

 

[zanon]

Hi , this error msg appear on FreeNAS console, not on CentOS box, only when i pass through firewall . when i use routing instead of NAT i dont have problem at all. is there an option in rc.conf or any other conf i could fix or i 'should use separate interface for internal (private) networks.

 

[dlavigne]

That's strange... Typically that message means that the client didn't mount the share as root. No idea why NAT makes a difference.

 

[jgreco]

Not strange at all. NFS typically requires the client use a privileged port to connect. Since NAT remaps port numbers, typically into the four and five digit ranges, the mount is refused. The message literally means what it says.

mountd can be invoked with "-n" to allow it to accept such mount requests, which is part of what happens when weak_mountd_authentication is set to YES in FreeBSD. I don't know what arrangements, if any, have been made in FreeNAS to handle this sort of thing.