Domain logins via PPP?
ctooley at joslyn.org
Wed Sep 22 12:35:11 GMT 1999
The only thing I can think of, which means nothing because I'm certainly
not great at this stuff, is; do you have ip forwarding set up? You may not
need it with ipfw and nat under FreeBSD 3.2, I don't know for sure.
From: Steve Shoecraft [SMTP:steve56 at home.com]
Sent: Tuesday, September 21, 1999 6:19 PM
To: Multiple recipients of list SAMBA-NTDOM
Subject: Domain logins via PPP?
Has anyone been able to do domain logins via a PPP link?
If so, how?
I am running FreeBSD 3.2. I have 2 network interface cards on the
one to the internet, one to my local network. I am running ipfw (firewall
support), as well as nat (network address translation). I have a ppp link
which I am able to connect to. Once connected via ppp, I can
ping/ftp/telnet to any machine on my internal network as well as the
internet, so it looks like I have the network component setup correctly.
Here's the info:
x.x.x.x:255.255.255.0 - internet interface
192.168.69.1:255.255.255.0 - internal interface
192.168.69.80 -> 192.168.69.81 - ppp interface
When I establish a ppp login, the ppp server adds a proxy arp entry. When
I do an arp 192.168.69.81, it reports:
ppp1.<domain>.<net> (192.168.69.81) at 0:40:5:a3:4d:f permanent published
When I do a netstat, I see the entry for the interface:
Destination Gateway Flags ...
192.168.69.81 192.168.69.80 UH
192.168.69.81 0:40:5:a3:4d:f UHLS2
When I do a ifconfig, I see this:
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 192.168.69.80 --> 192.168.69.81 netmask 0xffffff00
I have a samba server on 192.168.69.2. The samba server has only 1
interface. The internal machines do domain logins (successfully) to the
samba server, and the browse list is working fine.
When I establish the ppp connection (the client is a Win98 box), however,
do NOT get a domain login. Also, the ppp client is able to see the
machines in it's network neighborhood, but the internal machines are NOT
able to see the ppp client.
The client is setup like this: Dialup Networking->(connection
name)->Properties->Server types shows that the the logon to network box is
checked. For the protocols, only TCP/IP is checked. The TCP/IP settings
are to get the IP address and name server addresses from the server. A
at ipconfig/All or winipcfg reports that the IP address is 192.168.69.81,
netmask is 255.255.255.0, DNS server is 192.168.69.1 (which is correct --
DNS server is on my firewall), and the WINS server is 192.168.69.2.
I have tcpdumped the ppp interface on the server. I see that when the
client connects, the 1st thing it does it spit out 3 back-to-back multicast
packets with a destination of 18.104.22.168 (router solicitation). It then
registers with the WINS server, and that's it. No domain login.
Here's what a tcpdump output of the router solicitation messages looks
(it is never responded to):
(ts) 192.168.69.83 > 22.214.171.124: icmp: router solicitation
Should this be responded to? If so, how so?
Also, how do I get the ppp client to appear on the internal machines'
ANY help on this would be GREATLY appreciated!
P.S. Here's the [global] section of my smb.conf:
workgroup = HOME
netbios name = THOR
server string = SCO UnixWare 7.1
interfaces = 192.168.69.2/24
security = DOMAIN
encrypt passwords = Yes
passwd program = /usr/bin/passwd %u
passwd chat = New\spassword: %n\n \nRe-enter\snew\spassword: %n\n
unix password sync = Yes
log level = 1
time server = Yes
logon script = syslogon.bat
logon drive = H:
domain logons = Yes
os level = 65
lm announce = True
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
More information about the samba-ntdom