Is Samba over an IPSec tunnel possible?
Sentient Organism
d at mongueurs.net
Wed Nov 21 09:58:06 GMT 2001
Hello,
I have set up an IPSec tunnel to create a VPN. It works well, I can
ping and telnet back and forth with no problems. I am, however,
struggling to get Samba to work.
The setup:
Samba 2.0.7 running on Sparc Solaris 2.6
The VPN tunnel is between a OpenBSD 2.7 server and a Netopia R9100
router. The tunnel is negotiated using IKE. The server running Samba
receives NetBIOS packets, I can see them using tcpdump. I have
formatted a capture and placed it on display at
http://grinder.perlmonk.org/tcpdump.html
I can see the differences between a successful connection and this
connection, but I don't understand enough to work out the reason
that it is failing. The router has a number of parameters that can
be used to tweak NetBIOS settings, but after having fiddled with a
few I haven't make any headway.
A little more background. The localnet is 172.17.0.0/19 and the VPN
is 172.18.0.0/24. I modified the global interfaces setting in
smb.conf to read
interfaces = hme0 172.17.0.0/19 172.18.0.0/24
But that hasn't fixed things.
Is what I'm doing technically feasible/possible? Or is there some
basic deficiency in the SMB protocol that means that I can't actually
do this?
The idea is set up a slew of VPNs to a large number of regional
offices over cheap DSL lines, and have everyone authenticate in a
single central location.
Thanks for the clues,
David
--
David Landgren
Paris Perl Mongueurs => http://www.mongueurs.net
More information about the samba
mailing list