browsing across subnets

Andy Worthington andy at rockcity.com
Mon Oct 30 16:33:48 GMT 2000 

I finally got it all working fine.  To get the hosts visible, I checked to
make sure each samba was primary,local and domain master and restarted them.
I then restarted all clients and they started showing up.  Once they all
started showing up I kept trying to access them from the other subnet to no
avail.  I checked ipchains and there were some weird forwarding rules in
there from when I first setup ipsec tunnels so I deleted all ipchains rules
and added back the few I used and presto the machines were accessible.

Thanks for the help

Andy Worthington
----- Original Message -----
From: "Avantel Systems" <alex at avantel.ca>
To: "Robert Dahlem" <Robert.Dahlem at gmx.net>; "Andy Worthington"
<andy at rockcity.com>
Cc: <samba at samba.org>
Sent: Friday, October 27, 2000 8:46 PM
Subject: Re: browsing across subnets


Well, actually ipsec should be carrying those netbios packets through on
ports
used for the ipsec tunnel so do *not* open your firewall for ports 137-139.
You
verified that there was access to those ports by the last test I suggested
and
that test passed.

Since you can see (all?) the hosts in the browse list, that tells me the
samba servers are communicating OK which means those netbios packets are
getting
through that ipsec tunnel.

Have you tried turning domain logons OFF - or are you truly trying to make
samba do domain logons?  I suspect the source of your problem at this point
(now
that you can at least see the machines on the other subnet in your browse
list)
is simply permissions & user/password issues - have you checked that? Are
you
using share or user level security?  Try creating a share that's open to
everyone and see if you can browse that.  Also try turning on debug and
check
the log files for possible errors.  (yes, you may have to dig into some of
the
docs)

Also, what -if anything- did you have to chage to get the hosts to be
visible in
your browse list?

Alex @ Avantel Systems

On Fri, 27 Oct 2000, you wrote:
> >
> >By that I am assuming it is either a routing or firewall problem
> >keeping the connection from working.  Pinging the client works fine
> >though.  How can I find where the problem is to solve it?  The
> >connection between 192.168.3.0 and 192.168.4.0 is via a freeswan
> >ipsec tunnel.
>
> Make sure ports 137, 138, 139, both tcp and udp get through.
>
> Regards,
>         Robert
>
>

More information about the samba mailing list