[Samba] Samba and VPN

andrew andyc at teamhq.org.uk
Wed Jul 10 13:58:02 GMT 2002 

Hi all,

I have just joined this mailing list and need a little help. I have looked
at the FAQ's and searched on the internet for the solution and there seems
to be similar problems but I could not find an answer. Is there a HOWTO for
samba and VPN? If I can get this working then I will be happy to write one.

I have a LAN (192.168.0.0/24) with a Linux Firewall, PPTP server and Samba
Wins Server all on the same box. Each computer in this LAN is in the same
workgroup and I also have computers which dialin using PPTP which are also
in the same workgroup. Each computer in the Lan is using the Wins Server and
the PPTP link sets the Wins Server for the dialin computer.

The dialin computer can see all the other computers and connect to them but
all the computers in the LAN cannot see the dialin computer using Network
Neighbourhood. The dialin computer can ping every computer in the LAN and
each computer in the LAN can ping the dialin computer so there is no problem
with the IPChain ruleset.

When I look at the browse.dat file then only the computers in the LAN seem
to be listed. Is this a problem with windows that it is not registering to
the Wins Server when the PPTP link comes up? When I run tcpdump on the PPTP
link then I see NBT packets (I gather they are NetBIOS over TCP) and a
positive registration packet is listed. I have included the tcp dump at the
end of this mail. Does anyone know what 224.0.0.2 is for?

Does anyone know the reason for this?
Can the computers be in different Workgroups but same subnet if I am using
the Wins Server and still be able to see everyone?

Samba version 2.2.5-1 for Debian
Client Machine over PPTP Windows 98 SE

Included
1) TCPDump of PPTP Connection
2) contents of Browse.dat (Is this what the Wins Server contains?)
3) Samba Configuration File

Thanks in Advanced for any comments. They might help me and anyone that is
interested.

Andy C.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TCPDump of PPTP connection
---------------------------------------------------------------

challenger:~# tcpdump -i ppp0
tcpdump: listening on ppp0
21:07:26.893469 192.168.0.234 > 224.0.0.2: icmp: router solicitation
21:07:29.892982 192.168.0.234 > 224.0.0.2: icmp: router solicitation
21:07:31.985662 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): OPUNKNOWN; REQUEST; UNICAST
21:07:31.986459 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): WACK; POSITIVE; RESPONSE; UNICAST
21:07:32.892366 192.168.0.234 > 224.0.0.2: icmp: router solicitation
21:07:33.482587 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): OPUNKNOWN; REQUEST; UNICAST
21:07:33.483283 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): WACK; POSITIVE; RESPONSE; UNICAST
21:07:33.497516 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; REQUEST; UNICAST
21:07:33.498186 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; POSITIVE; RESPONSE; UNICAST
21:07:52.498646 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST
21:07:54.498601 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST
21:09:29.712988 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST
21:09:29.713693 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST
21:09:34.225189 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST
21:09:34.225851 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; NEGATIVE; RESPONSE; UNICAST
21:09:38.734370 192.168.0.234.netbios-ns > 192.168.0.1.netbios-ns:
>>> NBT UDP PACKET(137): REFRESH(8); REQUEST; UNICAST
21:09:38.735033 192.168.0.1.netbios-ns > 192.168.0.234.netbios-ns:
>>> NBT UDP PACKET(137): REGISTRATION; POSITIVE; RESPONSE; UNICAST

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Browse.dat after the Positive Registraction
---------------------------------------------------------------

challenger:~# cat /var/cache/samba/browse.dat
"MSHOME"                  c0001000 "CHALLENGER"                  "MSHOME"
"CHALLENGER"              40059a03 "challenger server (Samba 2.2.5-1 for
Debian)" "MSHOME"
"ALEXC"                   40011003 "DCW Gigabyte 7VRXP/XP1900+"  "MSHOME"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Samba configuration file
---------------------------------------------------------------

[global]

workgroup = Mshome
server string = %h server (Samba %v)

bind interfaces only = yes
interfaces = 192.168.0.0/24 127.0.0.1
socket options = TCP_NODELAY IPTOS_LOWDELAY

log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
debug timestamp = false

os level = 64
local master = yes
preferred master = yes
browse list = yes

encrypt passwords = yes
guest ok = no
invalid users = root

wins support = yes
name resolve order = wins bcast

#======================= Share Definitions =======================

[homes]
browseable = no
map archive = yes
writeable = yes

[connection]
browseable = yes
writeable = no
path = /putty

More information about the samba mailing list