Folding Forum

PantherX wrote:

suprleg wrote:Hmm..now I seem to be having difficulties with all my Windows and Ubuntu clients..
The Windows clients are searching endlessly:...
[log from Windows client at 192.168.1.102]

*********************

192.168.1.31 is the IP of the newly added Ubuntu 12.04 LTS blades

Can you please see if the section Advanced Control Issues (Remote) in this post (viewtopic.php?p=261089&f=24#p261089) solves your issue or not.

"Remote Access" on both macines 192.168.1.31- Ubuntu and 192.168.1.102- Win7 are configured the same:
1. No password set
2. Port: none
3. IP Address Restriction
Allow: 127.0.0.1
Deny: 0.0.0.0/0
4. Passwordless IP Address Restriction
Allow: 127.0.0.1
Deny: 0.0.0.0/0

bruce wrote:The repeated message "Server access denied for 192.168.1.31:38978" is a separate problem from your DNS problem. PantherX has already identified that it's a report of difficulties in enabling remote access between FAHControl on 192.168.1.102 and FAHClient on 192.168.1.31. Check the remote access settings, and the identy settings. Are you using a password (and if so, do they match in Connection and in Remote Access)? Are both machines using the same passkey?

Different identities
No remote access password set
Different passkeys

suprleg wrote: "Remote Access" on both macines 192.168.1.31- Ubuntu and 192.168.1.102- Win7 are configured the same:
1. No password set
2. Port: none
3. IP Address Restriction
Allow: 127.0.0.1
Deny: 0.0.0.0/0
4. Passwordless IP Address Restriction
Allow: 127.0.0.1
Deny: 0.0.0.0/0

I think that should be:

1. No password set
2. Port: 36330 (ie the default)
3. IP Address Restriction
Allow: 127.0.0.1 192.168.1.31 192.168.1.102
Deny: 0.0.0.0/0
4. Passwordless IP Address Restriction
Allow: 127.0.0.1 192.168.1.31 192.168.1.102
Deny: 0.0.0.0/0

As I understand the description on the tab, the first "Allow" is needed to permit any sort of access from the given IPs, the second permits it without a password. Any IP in the second list must also be in the first.

I use 192.168.1.0/24 for both, I'm the only one using my LAN and it makes life easier

Thanks for the responses they're appreciated.
When I launched FAHControl on the Ubuntu- 192.168.1.31 server I noticed in the left pane three "Clients":
1. local Online 127.0.0.1:36330
2. local Connecting 192.168.102:36330
3. local Connecting 192.168.1.34:36330
I don't know when or why the "connecting clients" appeared, but once I deleted them the nuisance, "connection to server 192.168.1.31 error", ceased
in the Win7 boxes FAHControl log.

If you do not set a remote access password, the system uses the passkey. Using different passkeys likely prevents connections. (It's possible that passwordless access can be enabled and it might allow access but I have not tested that option.) I found it easier to set a password in the Connections tab that matches the password in the Remote Access tab of the other machine.

The passkey is not used as your password if you don't set one.

I recommend people set a password. If you don't change the deny list, you currently don't even need to add ip addresses to the allow list.

The allow and password-less allow lists are independent.

Addresses added to the web-allow list must also be in the allow list.

calxalot wrote:The passkey is not used as your password if you don't set one.

I recommend people set a password. If you don't change the deny list, you currently don't even need to add ip addresses to the allow list.

The allow and password-less allow lists are independent.

Addresses added to the web-allow list must also be in the allow list.

The passkey has always acted as the password when no password was entered. When did that change and why?

7im wrote:The passkey has always acted as the password when no password was entered. When did that change and why?

I did not know when it has changed - but i never need to use my passkey in Client V7.3.6 and above while i´m using password-less access in my network.

calxalot wrote:The passkey is not used as your password if you don't set one.

Correct

calxalot wrote: . . .. If you don't change the deny list, you currently don't even need to add ip addresses to the allow list.

This is only correct if you use the "Advanced Control" on the same system .
If you try to get access from another system in the same network, you won´t be able to get access.
The reason:
After installation of the client there is set one adress in both password-protected- and password-less-list (127.0.0.1!)

calxalot wrote:The allow and password-less allow lists are independent.

Correct only if you use password-protected access.

calxalot wrote:Addresses added to the web-allow list must also be in the allow list.

If you mean:
Adresses set in password-less-access-list must be set in password-protect-access-list - correct.

7im wrote:

calxalot wrote:The passkey is not used as your password if you don't set one.

I recommend people set a password. If you don't change the deny list, you currently don't even need to add ip addresses to the allow list.

The allow and password-less allow lists are independent.

Addresses added to the web-allow list must also be in the allow list.

The passkey has always acted as the password when no password was entered. When did that change and why?

I remember it being discussed a long time ago, but I think it was never implemented that way.
I see nothing in the current source to use the passkey as a default password.
And when I tested it a few months ago, it did not work for me.

folding_hoomer wrote:

calxalot wrote: . . .. If you don't change the deny list, you currently don't even need to add ip addresses to the allow list.

This is only correct if you use the "Advanced Control" on the same system .
If you try to get access from another system in the same network, you won´t be able to get access.
The reason:
After installation of the client there is set one adress in both password-protected- and password-less-list (127.0.0.1!)

You are mistaken, at least for fah 7.4.4. I just tested this again.
Only a password is required and a client restart, as long as the deny list is the special default value of "0/0".
If deny is "0/0" and a password is set, the deny list is not actually created, which is the same as allow anything.
Joseph did this deliberately to make it easier for people to successfully enable remote access.

folding_hoomer wrote:

calxalot wrote:The allow and password-less allow lists are independent.

Correct only if you use password-protected access.

You're right, my mistake.
Addresses in the no password allow list must also be in the allow list for the socket to be accepted.
The password-less list is checked to pre-authorize the connection with the script server.

I believe the web-allow option works the same way for Web Control. I have not tested this recently and could be wrong.