[Samba] Samba over VPN

Mike A. Leonetti mleonetti at evolutionce.com
Thu Apr 22 14:26:42 MDT 2010 

The W2K3 server is not the VPN client, the VPN client is a Sonicwall
device.  However, the side that has the DC (samba), the DC server also
initiates the VPN (openswan).  IPSec starts before samba.


Leonardo Carneiro - Veltrac wrote:
> The W2K3 server is the VPN client or is a host behind a vpn client
> that have a route to the remote network? Is the server IS the vpn
> client, does the connection is being made by a service (prior to the
> user login) or you just connect to the VPN after login?
>
>
> Gaiseric Vandal wrote:
>> How do the clients get IP addresses?   You could try adding the WINS
>> server value to the client ip address (either statically or via
>> DHCP.)  Then they should be able to get the necessary netbios name
>> info even tho they are on a separate subnet.
>>
>> Why do you have the DC "distant"  from the clients that it supports?
>>
>>
>>
>>
>>
>> On 04/22/2010 09:41 AM, Mike A. Leonetti wrote:
>>> Yeah.  I don't think it's the VPN blocking traffic.  I think my WINS
>>> server is not functioning properly.  I'll keep working at it.
>>>
>>> Daniel Müller wrote:
>>>  
>>>> Are you sure,
>>>>
>>>> I thought with ipsec there could be netbios bypassing the tunnel.
>>>> Shares and dns are always working.
>>>>
>>>>
>>>>
>>>> -----------------------------------------------
>>>> EDV Daniel Müller
>>>>
>>>> Leitung EDV
>>>> Tropenklinik Paul-Lechler-Krankenhaus
>>>> Paul-Lechler-Str. 24
>>>> 72076 Tübingen
>>>>
>>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>>> eMail: mueller at tropenklinik.de
>>>> Internet: www.tropenklinik.de
>>>> -----------------------------------------------
>>>>
>>>> -----Ursprüngliche Nachricht-----
>>>> Von: Mike A. Leonetti [mailto:mleonetti at evolutionce.com]
>>>> Gesendet: Mittwoch, 14. April 2010 16:47
>>>> An: mueller at tropenklinik.de
>>>> Cc: samba Mailing
>>>> Betreff: Re: AW: [Samba] Samba over VPN
>>>>
>>>> Daniel,
>>>>
>>>> I'm using ipsec for a VPN.  Since all shares are working and name
>>>> resolution all netbios packets seem to be traversing the VPN no
>>>> problem.
>>>>
>>>> Thanks.
>>>>
>>>> Daniel Müller wrote:
>>>>
>>>>    
>>>>> Hello,
>>>>>
>>>>> as far I know you need a vpn with netbios  enabled. This can be
>>>>> done witch
>>>>> openvpn in briding mode. Or with a router having this option.
>>>>>
>>>>> Greetings
>>>>> Daniel
>>>>>
>>>>> -----------------------------------------------
>>>>> EDV Daniel Müller
>>>>>
>>>>> Leitung EDV
>>>>> Tropenklinik Paul-Lechler-Krankenhaus
>>>>> Paul-Lechler-Str. 24
>>>>> 72076 Tübingen
>>>>>
>>>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>>>> eMail: mueller at tropenklinik.de
>>>>> Internet: www.tropenklinik.de
>>>>> -----------------------------------------------
>>>>>
>>>>> -----Ursprüngliche Nachricht-----
>>>>> Von: samba-bounces at lists.samba.org
>>>>> [mailto:samba-bounces at lists.samba.org]
>>>>>
>>>>>        
>>>> Im
>>>>
>>>>    
>>>>> Auftrag von Mike A. Leonetti
>>>>> Gesendet: Dienstag, 13. April 2010 22:27
>>>>> An: Samba Mailing
>>>>> Betreff: [Samba] Samba over VPN
>>>>>
>>>>> Have a 2003 server located outside of the Domain network over a VPN.
>>>>> The server originally existed inside the network (10.1.1.0/24) but
>>>>> now
>>>>> exists on 10.10.12.0/24.  I can access shares over the VPN to the
>>>>> domain
>>>>> controller, but when I try to log in as a domain user it says the
>>>>> domain
>>>>> is unavailable.
>>>>>
>>>>> I added the domain controller as a WINS server on the 2003 server.
>>>>> nbtstat -c on the 2003 does list the domain controller and the
>>>>> domain.
>>>>>
>>>>> Microsoft Windows [Version 5.2.3790]
>>>>> (C) Copyright 1985-2003 Microsoft Corp.
>>>>>
>>>>> C:\Documents and Settings\Administrator>nbtstat -c
>>>>>
>>>>> Local Area Connection 2:
>>>>> Node IpAddress: [10.10.12.244] Scope Id: []
>>>>>
>>>>>                    NetBIOS Remote Cache Name Table
>>>>>
>>>>>          Name              Type       Host Address    Life [sec]
>>>>>      ------------------------------------------------------------
>>>>>      CRCOMPUTER<1C>   GROUP           10.1.1.1            390
>>>>>      CRCOMPUTER<1B>   UNIQUE          10.1.1.1            387
>>>>>      FORTISSIMO<20>   UNIQUE          10.1.1.1            430
>>>>>
>>>>> C:\Documents and Settings\Administrator>
>>>>>
>>>>> Is there a way I can test the WINS server to definitely make sure
>>>>> it's
>>>>> working?  Is it that SAMBA isn't broadcasting itself over the
>>>>> 10.10.12.0
>>>>> (VPN) network?
>>>>>
>>>>>
>>>>>        
>>>>
>>>>      
>>

More information about the samba mailing list