[Samba] Network browsing with through OpenVPN
Carlos Oliva G.
carlos.oliva at igloo.cl
Mon Oct 4 16:55:53 GMT 2004
Hi all,
I have succesfully joined together three LANs using OpenVPN over Linux
(Debian) gateways at the 'exit' of each one of these LANs.
The VPN seems to be OK, as I can ping network hosts from one LAN to
another using their private IP addresses with no problem at all.
However network browsing through the VPN is not working.
The network diagram for my setup is at
http://www.igloo.cl/~pink/network.jpg if you're willing to take a look
at it.
This is the detailed setup I have:
* I have three networks with a public IP address each, called
'2norte', '4norte' and '6norte', respectively.
* Each of the Linux gateways has five network interfaces: two physical
(eth0 and eth1), for Internet and LAN connections, the loopback
interface (lo) and two virtual interfaces for the VPN link (tun0 and
tun1). They all accept all kind of traffic, both incoming and outgoing,
as there are NO firewall filtering rules on them (yet) except for
masquerading of outgoing connections to the Internet.
* On the tunX interfaces the gateways have 10.0.0.X IP addresses,
which are the VPN links.
* Each of the LANs has a WORKGROUP style Windows network, which has
mixed Win98 and XP clients. All the LANs has configured the same
workgroup name.
* On each LAN there is a wireless access point which only ocasionally
serves to floating clients, mostly XP machines and my OS X iBook.
* On each of them the Linux gateway acts as a DHCP server for its
local segment, and is also configured as a Samba server, with both
'local master = yes' and 'preferred master = yes', and 'os level = 65'.
* The 6norte gateway is configured as the WINS server ('wins support =
yes'), the other two gateways are pointing at it ('wins server =
192.168.1.1'). Also 6norte is configured as the domain master browser
('domain master = yes'), while the other two has this explicitly set to
'no'. All the DHCP servers has the specified IP address 192.168.1.1 as
their WINS server ('option netbios-name-servers 192.168.1.1;' on
dhcpd.conf)
* Only recently I added the 'remote announce' and 'remote browse sync'
parameters to each of the gateways samba configuration, with the
respective other two gateways IPs as parameters.
This is an excerpt of my different smb.conf files for each one of the
three gateways:
6norte:
[global]
workgroup = MYWORKGRP
netbios name = 6NORTE-SERV
wins support = yes
interfaces = eth0 lo tun0 tun1
bind interfaces only = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
remote announce = 192.168.0.1 192.168.2.1
remote browse sync = 192.168.0.1 192.168.2.1
name resolve order = wins bcast lmhosts host
4norte:
[global]
workgroup = MYWORKGRP
netbios name = 4NORTE-SERV
wins support = no
wins server = 192.168.1.1
remote announce = 192.168.1.1 192.168.0.1
remote browse sync = 192.168.1.1 192.168.0.1
interfaces = eth1 lo tun0 tun1
bind interfaces only = yes
domain master = no
local master = yes
preferred master = yes
os level = 65
name resolve order = wins bcast lmhosts host
2norte:
[global]
workgroup = CUERNAVACA
netbios name = 2NORTE-SERV
wins support = no
wins server = 192.168.1.1
remote announce = 192.168.1.1 192.168.2.1
remote browse sync = 192.168.1.1 192.168.2.1
interfaces = eth0 lo tun0 tun1
bind interfaces only = yes
domain master = no
local master = yes
preferred master = yes
os level = 65
name resolve order = wins bcast lmhosts host
Sorry for the rather long mail but I wanted to give as much detail as
possible.
Regards,
--
Carlos Oliva G.
Igloo Sistemas Ltda.
carlos.oliva at igloo.cl - http://www.igloo.cl
Tel/Fax: +56 32 684798
More information about the samba
mailing list