Perhaps some kind soul here could help me with a bear of a problem I'm having with the free version of nxserver.

My Linode is up, running, and "happy." When connecting from home, NX connects, authenticates, and runs like a champ. At work is a different story.

My company uses a Microsoft ISA server to proxy all internet traffic (with authentication), and only allows ports 80, 8080, and 443. I can use putty and SSH directly into my Linode without any problems whatsoever on port 443. However, when I try to direct my NX client there it fails authentication without any details.

I have checked to see which ports SSH/NX is listening on. I have checked to make sure that the IP and public key are correct. I'm connecting with the static IP address so that I don't accidentally get the Lish shell.

...What am I doing wrong?

_________________
You never know what you have until it's gone. And your backup is corrupted. And your boss tells you he needs it yesterday.

I've never used NX, but for starters it would be worth checking the logs on your linode and NX client for clues, and enable verbose mode on the NX client.


From work ? Everything ok within your linode logs when you ssh in (use -v with putty/ssh to see what's happening at your end). Nothing odd's happening at the ISA proxy ?

I've checked through every log for NX I can think of, but they're anything but verbose. I'll see if there's a way to get NX to log more information.



I know, it's really strange. I have no idea why putty would be able to connect flawlessly and NX wouldn't. They're both using ssh to connect/tunnel traffic, and both are on the same port. I'll see if I can check the putty output, but I don't think it's a problem with ssh; I'm putting my money on a problem with NX. That being said, I've used NX through my company's proxy with more than 5 other PCs and never had a single problem.

EDIT:
I was wrong in my first assumption. Essentially port 443 is a no-go from both locations. I can ssh to my Linode on 443 from both locations, but NX only works on port 22 from home. I'm able to NX to my home machine using 443. Can anyone think of why this wouldn't work on a Linode?

_________________
You never know what you have until it's gone. And your backup is corrupted. And your boss tells you he needs it yesterday.

Presumably you have set SSHD to listen on port 443 (i.e. rather than just redirecting to port 22 at your firewall) ?

Assuming that SSHD is on 443, it sounds like you haven't set up your Linode nx server (freenx ?) to listen on that same port. According to a quick search, you need to edit /etc/nxserver/node.conf (uncomment #SSHD_PORT=22, and change appropriately). You should also be able to increase the verbosity of logging via this file. Check for overriding values in ~/.nx.

As a side note, you really need to be more precise with your posts. What distribution, packages, versions were you talking about ? Which locations ? The following needed several passes to make any sense at all:

Anyway, good luck :)

I apologize for not being more clear. At work, I am connecting via NXclient for Windows (XP Pro), version 3.3.0-6. At home I am running NXclient for linux version 3.3.0-6 on a Ubuntu 8.10 desktop installation. The Linode is running Ubuntu 8.10 server, and has nxserver 3.3.0-15, nxnode 3.3.0-12, and nxclient 3.3.0-6.

I am attempting to connect to the Linode from two separate locations; home, and work. Home is a standard internet connection with router/firewall. Work connects through an ISA proxy that only allows traffic out via 443.

I have set sshd on the Linode to listen on port 443. I have set server.cfg to listen there as well, and restarted both services multiple times.

At home, my router simply redirects outside (in-bound) traffic from 443 to port 22, and I can NX to my home computer from work without trouble. When I try to connect to the Linode either from home or work via port 443 authentication fails every time.

I set the logging to level 7 to get more info, but I'm not seeing more information in the usual places (/var/log, /usr/NX/var/log, etc) so maybe I'm looking in the wrong places for that info?

I'm just wondering why when I attempt to connect via the standard ssh port everything works like it should, but then when I simply change the port to 443, it doesn't.

But then I thought that perhpas since it's the port for SSL perhaps apache was causing trouble, so I stopped it...it didn't change anything.

_________________
You never know what you have until it's gone. And your backup is corrupted. And your boss tells you he needs it yesterday.

Whew...talk about a facepalm moment. I had set *nearly* everything right. I had set SSHDPort to 443 on both nxserver.cfg and nxnode.cfg, but I forgot one little setting down near the bottom of nxserver.cfg. That setting is "SSHDAuthPort" and it also has to be set to the port that SSHD is listening at if you have set your NX server up to authenticate via the system rather than its own user database. I'm glad to have that resolved!

_________________
You never know what you have until it's gone. And your backup is corrupted. And your boss tells you he needs it yesterday.

Great to hear :)