[Samba] Windows XP client over IPSEC VPN -- No browsing,
limited file access.
vectro at vectro.org
vectro at vectro.org
Sun Mar 12 02:35:58 GMT 2006
Hello all,
I have a problem with browsing and share access over an IPSEC VPN. Details
follow.
The network has the following configuration: There are two local networks,
172.16.57.0/24 and 172.16.59.0/24. The networks are connected over the
internet by Cisco routers providing an IPSEC VPN. The VPNs are configured to
route all traffic (all IP types, all ports, except broadcast and ICMP
redirects) destined for the other network over the VPN. IP connectivity seems
great.
There is a samba server (CAESAR) located on the 57.0 subnet. It is configured
with the following relevant directives:
wins server = yes
dns proxy = no
name resolve order = wins lmhosts bcast host
domain master = yes
local master = yes
preferred master = yes
os level = 70
workgroup = WORKGROUP
It runs Linux 2.6.8 and Samba 3.0.14a-3sarge, from Debian Sarge.
There are some other Windows machines of various vintages also located on the
57.0 subnet. They can browse to and access shares on CAESAR with no problem.
There is a Windows XP machine (LAPTOP) located on the 58.0 subnet. At this
time, it is the only SMB client on that subnet. That machine is configured
with CAESAR as a WINS server. I have two distinct problems with LAPTOP:
1) Network browsing doesn't work. Navigating to "Entire Network" / "Microsoft
Windows Network" / "WORKGROUP", I see only HP. No error, but no other hosts
either.
2) Accessing file shares on CAESAR (by typing "\\CAESAR" in the location bar)
only works with very small directories and files. A folder with only a few
files in it, or a file of only a few bytes, works fine. Browsing to large
folders (which can actually mean as few as 30 files), Windows Explorer
pauses, with an hourglass or flashlight, and eventually presents the message
(for the share "extra"):
"\\caesar\extra is not accessible. You might not have permission to use this
network resource. Contact the administrator of this server to find out if you
have access permissions.
The specified network name is no longer available."
I have disabled the XP Webclient and the Task Scheduler, to no effect. I'm at
a loss for what else to try, however.
CAESAR's full config file is available upon request.
Cheers,
--Ian
More information about the samba
mailing list