Is Samba over an IPSec tunnel possible?

Sentient Organism d at
Wed Nov 21 09:58:06 GMT 2001


I have set up an IPSec tunnel to create a VPN. It works well, I can
ping and telnet back and forth with no problems. I am, however,
struggling to get Samba to work.

The setup:

Samba 2.0.7 running on Sparc Solaris 2.6

The VPN tunnel is between a OpenBSD 2.7 server and a Netopia R9100
router. The tunnel is negotiated using IKE. The server running Samba
receives NetBIOS packets, I can see them using tcpdump. I have
formatted a capture and placed it on display at

I can see the differences between a successful connection and this
connection, but I don't understand enough to work out the reason
that it is failing. The router has a number of parameters that can
be used to tweak NetBIOS settings, but after having fiddled with a
few I haven't make any headway.

A little more background. The localnet is and the VPN
is I modified the global interfaces setting in
smb.conf to read

  interfaces = hme0

But that hasn't fixed things.

Is what I'm doing technically feasible/possible? Or is there some
basic deficiency in the SMB protocol that means that I can't actually
do this?

The idea is set up a slew of VPNs to a large number of regional
offices over cheap DSL lines, and have everyone authenticate in a
single central location.

Thanks for the clues,
David Landgren
Paris Perl Mongueurs =>

More information about the samba mailing list