[Samba] Multiple IP addresses
Robert Pollard
rpollard at drs4drs.com
Tue Apr 8 19:55:24 GMT 2008
Hey Greg,
I don't have a firewall in between the server and the Internet. I was
trying to do some benchmarks on file transfers and then I would disconnect
it after getting the benchmarks.
I believe I know why I couldn't reach the Samba shares though -- the Sun
X4200 M2 has been having configuration problems with the 4 ethernet ports.
I can get the nge0 (the first port) working fine which has our production
system on it. But, I can't get any other port to come up along with the
primary port.
Suggestion #2 seems like a possibility. So, the class A address I'm using
will need to be entered into the Hosts allow field?
For production, there will be a firewall and VPN access only. I have been
looking for a stable VPN router/client that works solid on all recent
Windows releases and haven't found one yet. I started using PPTP and it
seems to be the most stable of all, believe it or not.
Thanks for the help!
----- Original Message -----
From: "Greg J. Zartman, P.E." <greg at leiinc.com>
To: "Robert Pollard" <rpollard at drs4drs.com>
Cc: <samba at lists.samba.org>
Sent: Thursday, April 03, 2008 5:32 PM
Subject: Re: [Samba] Multiple IP addresses
>> I have been trying to connect to Samba over the Internet as I have static
>> IP that is publicly available for connection. I can use this IP to
>> connect to our Intranet web site but Samba doesn't work correctly when
>> trying to connect to it from outside. Our internal network addresses
>> work fine. Even a VPN connection, which gets our internal address scheme
>> works. But, when trying to use the publicly available IP address to
>> connect to Samba it can't find it.
>
> There are likely a couple things preventing access:
>
> 1. Did you open the Samba ports on your firewall? Most firewalls have
> these ports closed by default.
>
> 2. Hosts allow/Hosts deny parameter. Is this set so that Samba will
> actually respond to the subnet that you are trying to access Samba from?
>
> IMO, opening Samba up to the internet is an inherently bad thing to do and
> something that very rarely really needs to be done. Instead, you should
> look at an ssh tunnel or an IPSec VPN.
>
> I use IPsec VPN routers to connect my two offices, which are both on
> different subnets and in different Citys. The routers I used are fairly
> inexpensive, but work wonderfully and are very easy to setup:
> http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS114.aspx
>
> Greg
>
> ---
> Greg J. Zartman, P.E.
> President, Principal Engineer
>
> LEI Engineering & Surveying
> 2468 West 11th Avenue
> Eugene, Oregon 97402
> Voice 541-683-8383 Fax 541-683-8144
> www.leiinc.com
More information about the samba
mailing list