Now is time to setup NFSv4 with Kerberos. On server and client side we should make principal for nfs, with next difference, on server side principal would be nfs/security1.setenforce.com and on client side it should be nfs/security2.setenforce.com. On both machine you should check is exist host/security1.setenforce.com, and host/security2.setenforce.com as principal. I define same password for both new made principal. I wont to describe how to add participal again, you have all on this link: Adding principals I will describe how you can check is some principal is add in Kerberos. Run:

[root@security2 ~]# ktutil
ktutil: rkt /etc/krb5.keytab
ktutil: list
slot KVNO Principal
---- ---- ---------------------------------------------------------------------
   1    3 host/security2.setenforce.com@SETENFORCE.COM
   2    2 nfs/security2.setenforce.com@SETENFORCE.COM

Enable SECURE_NFS="yes" on both machine. Actually you should remove comment from line in /etc/security/nfs . Restart rpcidmapd, rpcgssd, nfs service on both machine. Now is time to change /etc/exports on server side:

[root@security1 ~]# cat /etc/exports
/exports gss/krb5p(rw,sync,fsid=0,crossmnt)
/exports/home/org gss/krb5p(rw,sync)

After this run exportfs -r command. On client side change /etc/fstab according to this:

192.168.0.120:/home/org /home/org nfs4 sec=krb5p 0 0

After this run mount -a on client. To check that this is work try to ssh nfsuser@security2