An example of working port-forwarding configuration » History » Revision 10
Revision 9 (Anchi Cheng, 10/25/2013 08:54 PM) → Revision 10/15 (Anchi Cheng, 10/25/2013 10:09 PM)
h1. An example of working port-forwarding configuration h2. (Paraphrased from description by Brian J. Gibbens) For those interested, this is how I set up Leginon on the TF20 in the Kornberg lab at Stanford with the following configuration: Local network (192.168.xxx.xxx in this example) can not be accessed directly through institute building network that has internet access before port forwarding. h2. The computer hosts involved in this port-forwarding configuration: # *ScopePC* (Windows) - The computer controlling the microscope ** TECNAI_COMPUTER (Windows XP) not connected only to local network, but connected directly to Tecnai F20 and to TF20SUPPORT_COMPUTER (Windows XP) through two separate network ** cards. Static local IP addresses (192.168.200.99 (192.128.xxx.xxx in this example) is should be set to this host. # *SupportPC* (Windows) - The computer provided by FEI to protect *ScopePC* while allow RAPID system support from them through internet. ** Two network cards are on this computer. ** these. Local network Static IP address (192.168.200.100 of the TF20SUPPORT_COMPUTER 192.168.200.100 in this example) ** Outbound institute the example figure) was added to the TCP/IP settings on the network Static IP address (137.131.204.250 in this example) on the TECNAI_COMPUTER that connects to the TF20SUPPORT_COMPUTER. !gateway.png! # *LeginonMain* (Linux) - The computer that runs Leginon processing/database/storage. Could be multiple. Here assumes just 1 ** Institute TF20SUPPORT_COMPUTER has two network Static cards and two IP address (137.131.204.500 in this example) !http://emg.nysbc.org/attachments/2484/PortForward.png! *Ethernet cables should be addresses. One is connected like in to building network, the figure above.* h2. TCP/IP Gateway Settings on *ScopePC* This should be set other is connected to the local IP address of the *SupportPC* like this: TECNAI_COMPUTER as mentioned above. !gateway.png! # WEBSERVER_DATABASE_COMPUTER (Suse 11.1 Linux) with MySQL, PHP, and Samba share for drive mapping on PC's. Connects to TF20SUPPORT_COMPUTER through building network. h2. Firewall !http://emg.nysbc.org/attachments/2484/PortForward.png! --Norton firewall settings on *SupportPC* TF20SUPPORT_COMPUTER configured to allow ** allow communication to both *ScopePC* '1' and *LeginonMain*. '3'. h2. Hosts file addition if needed --Appropriate IP addresses and hostnames added to the hosts files (C:/WINDOWS/System32/drivers/etc/hosts.txt on Windows PC's and /etc/hosts on Linux). * On *ScopePC* - list both hostnames of *SupportPC* '2' and *LeginonMain* '3' listed in hosts file on '1'; '1' and * On *SupportPC* - list both hostnames of *ScopePC* '3' listed in hosts file on '2'; and *LeginonMain* '2' only listed in hosts file on * On *LeginonMain* - list only hostname of *SupportPC* '3' since all communication from *ScopePC* '1' to *LeginonMain* '3' through *SupportPC* '2' will appear to come from *SupportPC* '2'. h2. Install --Program for port forwarding program AUTAPF which allows needed host/port specification (AUTAPF) installed on *SupportPC* TF20SUPPORT_COMPUTER and set up to forward all appropriate ports to IP address of the router on TECNAI_COMPUTER that connects to TF20SUPPORT_COMPUTER. Below is a screen shot of how we configured AUTAPF for a test at NRAMM. scripps. The hosts are represented as follows: localdefcon3: the microscope PC running leginon client/launcher defcon3: the support PC with AUTAPF installed amilab7: the remote linux running main leginon !autapf.PNG! !autapf-pfos.PNG! ______ [[Network Configuration| Go up]] ______