NIS+ through NAT firewall

Darrel Hankerson hankedr at
Thu Jan 16 00:13:01 EST 2003

GENE LORIOT <gene.loriot at> writes:

   I have not getten corporate approval; however, the nokea firewalls have 
   a rules set for NIS+.  With this turned on, all should run fine.

The problem is that the original request is:

   Has anybody successfully implemented NIS+ across NAT firewall??

Getting the requests to the NIS+ server will be easy, but the return
may be a problem due to NAT.  I tested this briefly on a 192.168
network behind a linux 2.2 machine providing port translation (and
which is an NIS+ client).

Ravi Kiran reported 

   From memory, we had to give the NAT firewall machine a pseudo
   credential on the NIS+ server, and then use this same credential for
   all the clients sitting behind the NAT firewall - ie. they all had
   the same credential, which may not be an optimal situation for you.

However, we run without machine credentials on those machines which
only use "non-sensitive" portions of the NIS+ database (including all
linux machines), so I'm uncertain why there was success in his case
but failure in my tests (but my tests were limited).

--Darrel Hankerson hankedr at

More information about the linux-nisplus mailing list