[Samba] Re: Access Samba Servers from the Internet?

Thu Dec 12 08:39:01 GMT 2002

>>secure to set-up a VPN connection from your client to your host and then
>>login that way. Of course, it is possible to access your SMB share through

I have exactly the same need. I have a co-worker that can come to our 
site because of physical problems, he cant just come at work like 
everyone. The thing is to achieve a normal Windows 2000 connection to 
our domain.

Here is how I solved it (not yet accomplished, but in good way to):

I subscribed a VPN MPLS solution at my internet provider. I think it is 
the best way to do actual VPN, better than frame relay or IpSec, because 
it is transparent to users.

Here an ascii-art datagram of the solution:

                               _______ Internet...
                             /
                            |
                        FIREWALL
                            |
  /--------------------[ VPN MPLS ]--------------\
|                                                |
router                                         router
192.168.1.253                                 192.168.0.253
|                                                |
|                                                |
|                                                |
Far away PC                                  local network with
192.168.1.1                                W2K workstations, Linux PCs
                                           /            |     |      \
                                    Samba as PDC     other machines in
                                   with Bind DNS     192.168.0.
                                192.168.0.1

subnet have to be different for the VPN MPLS to work! That's why the 
main network it's in 192.168.0. and the away network is in 192.168.1

On 192.168.1.1 PC he can ping 192.168.0.x machines! The same in 
192.168.0.x machines, we can ping him and also it's router.

But, we can't achieve him to be connected to our network :-((

That's the current big problem! He has 192.168.0.1 as 1ary DNS and has 
2nd DNS he has the provider's 1st DNS address.

On his machine he can do:
nslookup machinetest
=>works

nslookup machinetest.homelocalnetwork.com
=>works

ping 192.168.0.100 (machinetest'IP)
=>works

ping machinetest
=> doesn't work!!

I am sure of the DNS (Bind) configuration but seems Samba is rejecting 
him?? What's wrong???

I read an article about DNS in Windows 2000. Seems the DNS *must* work 
with DHCP, dynamically in order to distant machines to connect. Is that 
true? I mean, then, my local machines would use NetBios only to connect 
to samba PDC?

Then, if this is true, this means NetBios connections cant' go thru the 
VPN? Why? Is this because of different subnets?

As you see, VPN MPLS is a good solution, but I really hope someone doing 
VPN MPLS with Samba as PDC in W3K environnement could tell me how he 
achieved this to work

Finally, sorry for crap english :)

Thanks a lots.
-- 
Jean-Paul ARGUDO