Browsing problems in IP masqueraded subnet
Stephen L Arnold
arnold.steve at ensco.com
Mon Mar 29 20:59:02 GMT 1999
When the world was young, Jeney Gabor <dejou at sch.bme.hu> carved
some runes like this:
> I have a subnet in a dormitory using IP masquerading, and it is
> working fine. My only problem is that I can't browse the outer network in
> a Microsoft machine inside. Here is the physical topology:
>
> O WINS server of dormitory (152.66.148.10)
> | It is also the Primary Domain Controller (Win NT 4.0 Server) |
> ---------------------------- Network of the dormitory | IP:
> 152.66.151.216 (eth0) O Linux box (kernel 2.0.34, smbd version
> 2.0.2-19990209) | IP: 192.168.1.1 (eth1)
> ---------------------------- Local network | | | O O O
> Microsoft Windows machines
>
> The Linux box acts as an IP Firewall, and IP masquerades the inner
> network. There is IPX/SPX bridging as well, so the outer Novel servers are
> also accessibles. In the linux box runs the SMB server with WINS support.
> The WINS works great. The Samba file server works great. If I search
> inside for an outer computer, it appears in less than a second. But when I
> browse the network I can see only the workgroups, and nothing more. Indeed
> when I double click on one workgroup I have to wait about one minute (!)
> to get the windows explorer resume working (and nothing appears in the
> window of course).
[snip]
I'm no samba expert (and NT is largely an unknown to me) but I
think you would need to either add an external WINS server (ie, one
outside your firewall) or have another samba box to collect browse
list data on the other side of the firewall. Assuming your ip-masq
box is passing the UDP stuff appropriately (ports 138 & 139 ?). As
far as browsing across subnets (with a firewall in between yet),
you might need to sync your samba server with another one on the
other side. Even NT can't do some of the stuff samba can...
Try it and see...
Steve
******************************************************************
Stephen L Arnold http://www.rain.org/~sarnold
#include <std_disclaimer.h>
******************************************************************
More information about the samba
mailing list