[Samba] Multiple IP addresses

Robert Pollard rpollard at drs4drs.com
Tue Apr 8 19:55:24 GMT 2008 

Hey Greg,

I don't have a firewall in between the server and the Internet.  I was 
trying to do some benchmarks on file transfers and then I would disconnect 
it after getting the benchmarks.

I believe I know why I couldn't reach the Samba shares though -- the Sun 
X4200 M2 has been having configuration problems with the 4 ethernet ports. 
I can get the nge0 (the first port) working fine which has our production 
system on it.  But, I can't get any other port to come up along with the 
primary port.

Suggestion #2 seems like a possibility.  So, the class A address I'm using 
will need to be entered into the Hosts allow field?

For production, there will be a firewall and VPN access only.  I have been 
looking for a stable VPN router/client that works solid on all recent 
Windows releases and haven't found one yet.  I started using PPTP and it 
seems to be the most stable of all, believe it or not.

Thanks for the help!

----- Original Message ----- 
From: "Greg J. Zartman, P.E." <greg at leiinc.com>
To: "Robert Pollard" <rpollard at drs4drs.com>
Cc: <samba at lists.samba.org>
Sent: Thursday, April 03, 2008 5:32 PM
Subject: Re: [Samba] Multiple IP addresses


>> I have been trying to connect to Samba over the Internet as I have static 
>> IP that is publicly available for connection.  I can use this IP to 
>> connect to our Intranet web site but Samba doesn't work correctly when 
>> trying to connect to it from outside.  Our internal network addresses 
>> work fine.  Even a VPN connection, which gets our internal address scheme 
>> works.  But, when trying to use the publicly available IP address to 
>> connect to Samba it can't find it.
>
> There are likely a couple things preventing access:
>
> 1. Did you open the Samba ports on your firewall?  Most firewalls have 
> these ports closed by default.
>
> 2. Hosts allow/Hosts deny parameter.  Is this set so that Samba will 
> actually respond to the subnet that you are trying to access Samba from?
>
> IMO, opening Samba up to the internet is an inherently bad thing to do and 
> something that very rarely really needs to be done.  Instead, you should 
> look at an ssh tunnel or an IPSec VPN.
>
> I use IPsec VPN routers to connect my two offices, which are both on 
> different subnets and in different Citys.  The routers I used are fairly 
> inexpensive, but work wonderfully and are very easy to setup: 
> http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS114.aspx
>
> Greg
>
> ---
> Greg J. Zartman, P.E.
> President, Principal Engineer
>
> LEI Engineering & Surveying
> 2468 West 11th Avenue
> Eugene, Oregon 97402
> Voice 541-683-8383    Fax 541-683-8144
> www.leiinc.com

More information about the samba mailing list