mount.nfs: access denied by server while mounting

Question

On my Ubuntu system, I have this line in /etc/fstab:

myserver:/home/me /mnt/me nfs rsize=8192,wsize=8192,timeo=14,intr

When I do

sudo mount -a

I get:

mount.nfs: access denied by server while mounting myserver:/home/me

How can I diagnose this problem? The nfs server is also Ubuntu.

Additional details: I am able to mount this nfs share from other Ubuntu clients on the same network with no problem. However, the problematic client is different in that it is running inside VirtualBox on a Windows system. I can ping "myserver" fine from the problematic client.

EDIT: /etc/exports on "myserver":

/home/me *(rw,all_squash,async,no_subtree_check,anonuid=1000,anongid=1000)

/etc/hosts.allow and /etc/hosts.deny on "myserver" are both all comments. And keep in mind, that I can connect fine from other clients on the same network.

score 47 · Accepted Answer · answered Jan 31 '10 at 02:03

Found it!

One of the logs had the line:

refused mount request from 192.168.1.108 for /home/me (/home/me): illegal port 64112

I googled and found that since the port is over 1024 I needed to add the "insecure" option to the relevant line in /etc/exports on the server. Once I did that (and ran exportfs -r), the mount -a on the client worked.

score 19 · Answer 2 · answered Aug 15 '12 at 09:50

This question is related on how the network is set for your vm.

By default with VirtualBox, you have NAT network. Which result in port translation.

Step by step this gives :

The NFS client is using a reserved port (<1024 ... that can only be opened by root -> secured)
Virtualbox does the port translation (NAT) -> client port is now greater than 1024
The NFS server refuses the connection for that insecure port.

As mentioned by @JoelFan, one fix would be to set the insecure option to the server. This is a quick fix but ... insecure ;)

What fixed the case for me (in a secured manner) was to change from NAT to Bridge network for this vm. This way, my vm has it's own IP address and no port translation is done.

score 3 · Answer 3 · answered Feb 23 '23 at 18:45

I had the exact same issue recently, posted here: NFS Illegal Port

If you do not want to use the insecure option or do not have the luxury of using a "Bridge" network for your VM, you can simply add an outbound NAT for your local LAN network/single host.

I solved this by setting up a NAT outbound rule on my OPNSense firewall, for my entire local LAN network with the Static Port setting enabled, which prevents the firewall from changing the ports when sending out the traffic, as explained here: OPNsense Documentation

score 3 · Answer 4 · answered Mar 10 '12 at 06:02

Guess what... for me, the source of exactly the same error was a version mismatch between my NFS client and the server.

The logs were silent as if nothing happened, and only nfswatch running on the server side helped me clarify the situation.

The problem was resolved by adding the nfsver mount option on the client side:

server:/path   /mount/point   nfs   nfsvers=3   0 0

score 1 · Answer 5 · answered Jan 29 '10 at 15:40

1

Have you verified that the name resolution is correct on the server for the client that is trying to connect (and is listed in the exports file)?

answered Jan 29 '10 at 15:40

Matt Simmons

20,584

score 0 · Answer 6 · answered Jan 29 '10 at 15:31

0

check the files hosts.allow and hosts.deny and whether the client is entered correctly. when this does not help, please post your export file.

answered Jan 29 '10 at 15:31

Christian

4,773

score 0 · Answer 7 · answered Mar 30 '13 at 23:52

In case this helps other people, I have a Synology NAS and the NFS point actually added another item to the path.

I was trying to mount "xxx.xxx.xxx.xxx/folder" as this is what I do in Windows. But for Ubuntu with NFS I had to use "xxx.xxx.xxx.xxx/volume1/folder".

mount.nfs: access denied by server while mounting

7 Answers7