ERROR #"502" when accessing groups
Franco, Ruben
rufranco at utep.edu
Wed Mar 6 20:39:44 UTC 2002
Regarding "readers.conf", can it configure to allow anyone access within a
subnet or a specific domain?
-----Original Message-----
From: Wim Lewis [mailto:wiml at omnigroup.com]
Sent: Wednesday, March 06, 2002 1:07 PM
To: Franco, Ruben
Cc: inn-workers at isc.org
Subject: Re: ERROR #"502" when accessing groups
On Wednesday, March 6, 2002, at 11:36 AM, Franco, Ruben wrote:
> Running Redhat 7.2 with INN 2.3.2 Rel. 5.
>
> Whenever a user tries to access a group via a newsreader (such as,
> outlook express), they get the following error:
>
> "502 You have no permission to talk. Goodbye."
>
> In the "news.notice" log I can see the following message:
>
> news nnrpd[25211]: ? cant gethostbyaddr <USER's IP ADDRESS HERE> Unknown
> host -- using IP address for access
> news nnrpd[25211]: <USER's IP ADDRESS HERE> connect
> news nnrpd[25211]: <USER's IP ADDRESS HERE> no_permission
>
> Is the problem with my INN configuration or is it Redhat?
That looks like a DNS problem to me. Either your machine isn't resolving
names correctly (unlikely; you would have noticed more problems than
this if it were the case) or the user's machine doesn't have a reverse
DNS entry (quite likely --- a surprising number of network
administrators don't quite get reverse DNS).
1- Can you connect from your news machine to other machines on the net
by name? (eg. www.google.com, or some other machine outside your
organization). If not, fix your news machine's resolv.conf.
2- Otherwise, make sure that the user's machine has a valid reverse DNS
entry. The forward DNS entry is a mapping like "foo.example.com --> IP
address 1.2.3.4". The reverse entry lets the news server convert 1.2.3.4
to foo.example.com, so that it can compare the name to the rules in the
conf file. Talk to whoever runs your name server, if that isn't you.
3- Alternatively, use IP addresses instead of domain names in your
readers.conf, and don't worry about whether the news server can figure
out the client machine's name.
Wim.
More information about the inn-workers
mailing list