Hi list!
I'm having a problem where a, in this case, IMAP server (dovecot), configured to do
auth via GSSAPI,
doesn't authenticate clients coming from the NATed IP it has. Physically it only has a
private IP
attached (10.1.0.0/8) but it also has a NATed public IP from the internet. The NAT is done
on the
router/firewall before it get's to the server itself.
I've read about extra_addresses on the /etc/krb5.conf file but that doesn't look
like it does the
trick of making the authentication work.
If I somehow force the clients to authenticate to the private IP (via hosts file for
example), the
auth succeeds.
Is this fixable? Thanks!