[Samba] Samba over VPN
Gaiseric Vandal
gaiseric.vandal at gmail.com
Thu Apr 22 15:44:15 MDT 2010
I had misread- I thought the DC was the one "remote." I think
-but am not sure- that WINS should have handled any "netbios" stuff
including locating the DC. I could be wrong tho. Can you try editing
the lmhosts file on the Win 2003 machine to provide the DC info?
Is the sonicwall configured for a site-to-site VPN (i.e. the IP
addresses at both ends are explicitly configured) or is the Win 2003
machine configured as a regular single user remote PC (what sonicwall
calls a GroupVPN account.)
Sonicwall may have some options to redirect netbios but I am pretty sure
you should not need this.
On 04/22/2010 04:26 PM, Mike A. Leonetti wrote:
> The W2K3 server is not the VPN client, the VPN client is a Sonicwall
> device. However, the side that has the DC (samba), the DC server also
> initiates the VPN (openswan). IPSec starts before samba.
>
>
> Leonardo Carneiro - Veltrac wrote:
>
>> The W2K3 server is the VPN client or is a host behind a vpn client
>> that have a route to the remote network? Is the server IS the vpn
>> client, does the connection is being made by a service (prior to the
>> user login) or you just connect to the VPN after login?
>>
>>
>> Gaiseric Vandal wrote:
>>
>>> How do the clients get IP addresses? You could try adding the WINS
>>> server value to the client ip address (either statically or via
>>> DHCP.) Then they should be able to get the necessary netbios name
>>> info even tho they are on a separate subnet.
>>>
>>> Why do you have the DC "distant" from the clients that it supports?
>>>
>>>
>>>
>>>
>>>
>>> On 04/22/2010 09:41 AM, Mike A. Leonetti wrote:
>>>
>>>> Yeah. I don't think it's the VPN blocking traffic. I think my WINS
>>>> server is not functioning properly. I'll keep working at it.
>>>>
>>>> Daniel Müller wrote:
>>>>
>>>>
>>>>> Are you sure,
>>>>>
>>>>> I thought with ipsec there could be netbios bypassing the tunnel.
>>>>> Shares and dns are always working.
>>>>>
>>>>>
>>>>>
>>>>> -----------------------------------------------
>>>>> EDV Daniel Müller
>>>>>
>>>>> Leitung EDV
>>>>> Tropenklinik Paul-Lechler-Krankenhaus
>>>>> Paul-Lechler-Str. 24
>>>>> 72076 Tübingen
>>>>>
>>>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>>>> eMail: mueller at tropenklinik.de
>>>>> Internet: www.tropenklinik.de
>>>>> -----------------------------------------------
>>>>>
>>>>> -----Ursprüngliche Nachricht-----
>>>>> Von: Mike A. Leonetti [mailto:mleonetti at evolutionce.com]
>>>>> Gesendet: Mittwoch, 14. April 2010 16:47
>>>>> An: mueller at tropenklinik.de
>>>>> Cc: samba Mailing
>>>>> Betreff: Re: AW: [Samba] Samba over VPN
>>>>>
>>>>> Daniel,
>>>>>
>>>>> I'm using ipsec for a VPN. Since all shares are working and name
>>>>> resolution all netbios packets seem to be traversing the VPN no
>>>>> problem.
>>>>>
>>>>> Thanks.
>>>>>
>>>>> Daniel Müller wrote:
>>>>>
>>>>>
>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> as far I know you need a vpn with netbios enabled. This can be
>>>>>> done witch
>>>>>> openvpn in briding mode. Or with a router having this option.
>>>>>>
>>>>>> Greetings
>>>>>> Daniel
>>>>>>
>>>>>> -----------------------------------------------
>>>>>> EDV Daniel Müller
>>>>>>
>>>>>> Leitung EDV
>>>>>> Tropenklinik Paul-Lechler-Krankenhaus
>>>>>> Paul-Lechler-Str. 24
>>>>>> 72076 Tübingen
>>>>>>
>>>>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>>>>> eMail: mueller at tropenklinik.de
>>>>>> Internet: www.tropenklinik.de
>>>>>> -----------------------------------------------
>>>>>>
>>>>>> -----Ursprüngliche Nachricht-----
>>>>>> Von: samba-bounces at lists.samba.org
>>>>>> [mailto:samba-bounces at lists.samba.org]
>>>>>>
>>>>>>
>>>>>>
>>>>> Im
>>>>>
>>>>>
>>>>>
>>>>>> Auftrag von Mike A. Leonetti
>>>>>> Gesendet: Dienstag, 13. April 2010 22:27
>>>>>> An: Samba Mailing
>>>>>> Betreff: [Samba] Samba over VPN
>>>>>>
>>>>>> Have a 2003 server located outside of the Domain network over a VPN.
>>>>>> The server originally existed inside the network (10.1.1.0/24) but
>>>>>> now
>>>>>> exists on 10.10.12.0/24. I can access shares over the VPN to the
>>>>>> domain
>>>>>> controller, but when I try to log in as a domain user it says the
>>>>>> domain
>>>>>> is unavailable.
>>>>>>
>>>>>> I added the domain controller as a WINS server on the 2003 server.
>>>>>> nbtstat -c on the 2003 does list the domain controller and the
>>>>>> domain.
>>>>>>
>>>>>> Microsoft Windows [Version 5.2.3790]
>>>>>> (C) Copyright 1985-2003 Microsoft Corp.
>>>>>>
>>>>>> C:\Documents and Settings\Administrator>nbtstat -c
>>>>>>
>>>>>> Local Area Connection 2:
>>>>>> Node IpAddress: [10.10.12.244] Scope Id: []
>>>>>>
>>>>>> NetBIOS Remote Cache Name Table
>>>>>>
>>>>>> Name Type Host Address Life [sec]
>>>>>> ------------------------------------------------------------
>>>>>> CRCOMPUTER<1C> GROUP 10.1.1.1 390
>>>>>> CRCOMPUTER<1B> UNIQUE 10.1.1.1 387
>>>>>> FORTISSIMO<20> UNIQUE 10.1.1.1 430
>>>>>>
>>>>>> C:\Documents and Settings\Administrator>
>>>>>>
>>>>>> Is there a way I can test the WINS server to definitely make sure
>>>>>> it's
>>>>>> working? Is it that SAMBA isn't broadcasting itself over the
>>>>>> 10.10.12.0
>>>>>> (VPN) network?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>
More information about the samba
mailing list