Ticket History #1972: Sygate Personal Firewalls prevent use of KfW

RT for krbdev.mit.edu

History Show all quoted text — Show full headers

# Mon Oct 27 14:19:14 2003 jaltman (Jeffrey Altman) - Ticket created

Subject:

Sygate Personal Firewalls prevent use of KfW

Download (untitled) / with headers
text/plain 463B

The Sygate Personal Firewall products do not add firewall rules to allow
inbound UDP packets when permission is given for applications to send
outbound UDP packets. This permits Leash32.exe to send requests to the
KDC but it cannot receive the response.

I do not see Kerberos 5 attempting to establish a TCP connection when
the UDP connection fails. Is there a configuration requirement to
enable to use to TCP that must be specified in the krb5.conf file?

# Mon Oct 27 14:23:09 2003 jaltman (Jeffrey Altman) - Given to jaltman (Jeffrey Altman)

# Mon Dec 19 12:07:02 2005 jaltman (Jeffrey Altman) - Status changed from 'new' to 'open'

# Fri Mar 30 21:30:24 2007 jaltman (Jeffrey Altman) - Status changed from 'open' to 'resolved'

# Fri Mar 30 21:30:24 2007 jaltman (Jeffrey Altman) - Comments added

Download (untitled) / with headers
text/plain 95B

More recent Kerberos implementations can be configured to force the use
of tcp/ip connections.