Problems Accessing Samba through a Firewall
David Collier-Brown
davecb at canada.sun.com
Mon Jan 21 09:30:04 GMT 2002
heubach at heubach-edv.de wrote:
> I've got some problems with Samba 2.2.0 sitting in the DMZ behind a
> firewall.
>
> I opened ports 137/138 UDP and 139 TCP to Samba. When I try to connect the
> Samba machine from a Windows NT 4.0 Workstation I get the error message
> "Networkpath not found". If i open all ports to the Samba host it will work.
> After this I close all ports unless 139 TCP and it still works. But it stops
> working after logging out and on again to the Windows NT host.
Ok, ther's two parts to this situation:
braodcast and unicast.
Network neighbourhood is done using
udp and some broadcasts: to get it to work
you need a server on the subnet with the
client. If you are maing the connection via
NN, you have to have the machine accepting udp
and directed broadcasts at the very least!
Browsing and acerssing individual machines,
however, is done with tcp, purely unicast.
If you are maing the connection via windows
explorer (not internet explorer) or the
net use command, that's tcp, and you need
only a name service and tcp.
See
http://www.oreilly.com/catalog/samba/chapter/book/ch09_02.html
for the process of debugging it.
A good netwrok snoop program like etherial
will help you: tell it to just show the SMB
packets and watch to see what ports they go to.
--dave
--
David Collier-Brown, | Always do right. This will gratify
Performance & Engineering | some people and astonish the rest.
Americas Customer Engineering, | -- Mark Twain
(905) 415-2849 | davecb at canada.sun.com
More information about the samba
mailing list