[Samba] Browsing and Mapped Drives over a VPN

Van Sickler, Jim vansickj-eodc at Kaman.com
Thu Jun 27 12:13:08 GMT 2002 

For quickness and simplicity's sake, I'd try
the hosts/lmhosts route first.  If it works,
you won't need the ssh connection set up.

If it doesn't work;  you'll need a
persistent ssh connection between the two
samba servers, with ports 137-139 forwarded.

I'm not sure how to set up multiple forwards; I
use putty on my win2k box, and it handles it for me.

Try the hosts/lmhosts first;  if it doesn't
work, let us know, and we'll help you work out
the ssh or other connection.

Jim  

> -----Original Message-----
> From: James W. Beauchamp [mailto:jbeauchamp at gesinc.com]
> Sent: Thursday, June 27, 2002 12:27 PM
> To: Van Sickler, Jim
> Cc: Savage, Elijah; samba at lists.samba.org
> Subject: Re: [Samba] Browsing and Mapped Drives over a VPN
> 
> 
> Jim and Elijah:
> Now I need some clarification - newbie here so bear with me.  
> My Samba box
> sits behind the SonicWall which has the public IP.  I had 
> them set up port
> forwarding on the SW so I could ssh into the Samba box for remote
> maintenance reasons.  So that is set up now.  So do I just 
> tell them (the
> maintainer of the SW) to forward traffic on ports 137,138 and 
> 139 or what?
> Sorry but my knowledge of SW is limited of course.  So I'm looking for
> specifically what to do.....
> 
> James
> 
> ----- Original Message -----
> From: "Van Sickler, Jim" <vansickj-eodc at Kaman.com>
> To: "'James W. Beauchamp'" <jbeauchamp at gesinc.com>; "Bradley 
> W. Langhorst"
> <brad at langhorst.com>
> Cc: "Savage, Elijah" <elijah_savage at reyrey.com>; 
> <samba at lists.samba.org>
> Sent: Thursday, June 27, 2002 1:21 PM
> Subject: RE: [Samba] Browsing and Mapped Drives over a VPN
> 
> 
> > Will SonicWalls forward port 22?
> >
> > If so, you can use ssh to forward ports 137,138, and 139
> > between the 2 machines.
> >
> > Conversely, with that few machines, you might just
> > enter them all into the hosts and lmhosts files on
> > each machine-then they'll have the IP's already.
> >
> > Jim
> >
> > > -----Original Message-----
> > > From: James W. Beauchamp [mailto:jbeauchamp at gesinc.com]
> > > Sent: Thursday, June 27, 2002 10:57 AM
> > > To: Bradley W. Langhorst
> > > Cc: Savage, Elijah; samba at lists.samba.org
> > > Subject: Re: [Samba] Browsing and Mapped Drives over a VPN
> > >
> > >
> > > Bradley:
> > > Thanks.  I would VERY much like to see another solution.  I
> > > use VTUN myself
> > > and it works great for this sort of thing, but alas, I was
> > > not asked an
> > > opinion on this one ;), and now the customer is paying the
> > > price I think.
> > > The WINS entries are valid since before the SW's went 
> into place they
> > > weren't there and those machine names are not on my local
> > > lan.  (its only 6
> > > people local and 4 remote)
> > >
> > > James
> > >
> > > ----- Original Message -----
> > > From: "Bradley W. Langhorst" <brad at langhorst.com>
> > > To: "James W. Beauchamp" <jbeauchamp at gesinc.com>
> > > Cc: "Savage, Elijah" <elijah_savage at reyrey.com>;
> > > <samba at lists.samba.org>
> > > Sent: Thursday, June 27, 2002 11:52 AM
> > > Subject: Re: [Samba] Browsing and Mapped Drives over a VPN
> > >
> > >
> > > > Maybe those wins entries are old?
> > > >
> > > > I think you can use stunnel on both ends to move nmb traffic.
> > > > or setup something more robust like CIPE or FreeS/WAN.
> > > >
> > > > brad
> > > > On Thu, 2002-06-27 at 12:45, James W. Beauchamp wrote:
> > > > > Yes, I set up tcpdump and never saw any traffic while he
> > > was trying to
> > > > > connect via "map network drive" in Win2k
> > > > >
> > > > > James
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Savage, Elijah" <elijah_savage at reyrey.com>
> > > > > To: "'James W. Beauchamp'" <jbeauchamp at gesinc.com>
> > > > > Sent: Thursday, June 27, 2002 10:43 AM
> > > > > Subject: RE: [Samba] Browsing and Mapped Drives over a VPN
> > > > >
> > > > >
> > > > > > I am not exactly sure how this has taken place, 
> because it is
> > > broadcast
> > > > > > traffic also, could this be left over before the vpn
> > > solutions was put
> > > in
> > > > > > place. But it can be easily found out by using tcpdump
> > > on the unix box
> > > to
> > > > > > see what type of traffic he is receiving.
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: James W. Beauchamp [mailto:jbeauchamp at gesinc.com]
> > > > > > Sent: Thursday, June 27, 2002 12:35 PM
> > > > > > To: Savage, Elijah
> > > > > > Subject: Re: [Samba] Browsing and Mapped Drives over a VPN
> > > > > >
> > > > > > Elijah:
> > > > > > Thanks for the quick response :).  Can you tell me how
> > > the machine
> > > name
> > > > > and
> > > > > > workgroup go into the wins.dat then?  Is that via
> > > tcp/ip instead of
> > > > > netbios?
> > > > > > or something else? I'm just trying to learn a little
> > > networking here.
> > > > > >
> > > > > > James
> > > > > >
> > > > > > ----- Original Message -----
> > > > > > From: "Savage, Elijah" <elijah_savage at reyrey.com>
> > > > > > To: "'James W. Beauchamp'" <jbeauchamp at gesinc.com>;
> > > > > <samba at lists.samba.org>
> > > > > > Sent: Thursday, June 27, 2002 10:29 AM
> > > > > > Subject: RE: [Samba] Browsing and Mapped Drives over a VPN
> > > > > >
> > > > > >
> > > > > > > Sonicwall's will not pass win's traffic you may have
> > > to get him to
> > > poke
> > > > > > > holes in the firewall product. If this consultant has
> > > worked with
> > > Cisco
> > > > > > > equipment before, on the Cisco's it would be the
> > > equivalent to the
> > > > > command
> > > > > > > Ip helper (address)
> > > > > > >
> > > > > > > This tells the router to pass 8 different types of
> > > protocols which
> > > > > include
> > > > > > > NetBIOS traffic, but from my little work of
> > > installing sonicwalls
> > > they
> > > > > do
> > > > > > > not support this feature.
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: James W. Beauchamp [mailto:jbeauchamp at gesinc.com]
> > > > > > > Sent: Thursday, June 27, 2002 12:13 PM
> > > > > > > To: samba at lists.samba.org
> > > > > > > Subject: [Samba] Browsing and Mapped Drives over a VPN
> > > > > > >
> > > > > > > Hello All:
> > > > > > > I have a situation where I have a Samba box (RH 7.3
> > > w/samba 2.2.4)
> > > that
> > > > > I
> > > > > > > set up for a client.  Another consultant came along
> > > and installed a
> > > VPN
> > > > > > > using SonicWalls between the main site and a remote
> > > site.  So now
> > > they
> > > > > > want
> > > > > > > the remote users to save files on my Samba box.  No
> > > problem except
> > > that
> > > > > > the
> > > > > > > remote users can't see my local workgroup or any 
> of the local
> > > machines.
> > > > > > > Here's what's wierd (or where my knowledge breaks
> > > down :) )Their
> > > machine
> > > > > > > names and workgroup name is registered in samba's
> > > wins database.  I
> > > am
> > > > > the
> > > > > > > only wins server on both subnets (10.0.1.x local 
> and 10.0.2.x
> > > remote).
> > > > > > The
> > > > > > > remote lan group is peer-to-peer setup with each
> > > client pointing at
> > > my
> > > > > > Samba
> > > > > > > box (who is at 10.0.1.128).  So my question is as
> > > follows - how did
> > > > > their
> > > > > > > machine names get registered if netbios traffic is
> > > not passing the
> > > > > > Sonicwall
> > > > > > > vpn?  or does that use TCP/IP instead?  I'm in need
> > > of a little
> > > netbios
> > > > > > > education here I think in order to tell the other
> > > consultant what to
> > > > > open
> > > > > > up
> > > > > > > on the VPN boxes.  Are they blocking ports 137 and
> > > 139 or is it
> > > > > something
> > > > > > > else.
> > > > > > >
> > > > > > > Thanks in Advance
> > > > > > >
> > > > > > > James
> > > > > > >
> > > > > > > ---OUR NEW ADDRESS---
> > > > > > > James W. Beauchamp, P.E.
> > > > > > > Global Environmental Solutions, Inc.
> > > > > > > 2121 Newmarket Pkwy.
> > > > > > > Suite 140
> > > > > > > Marietta, GA  30067
> > > > > > > 770-690-9552 - ext. 227
> > > > > > > 770-690-9529 - fax
> > > > > > > www.gesinc.com
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > To unsubscribe from this list go to the following URL
> > > and read the
> > > > > > > instructions:  
http://lists.samba.org/mailman/listinfo/samba
> > > >
> > > >
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >

More information about the samba mailing list