[Samba] cannot see or browse a share from a VPN client

H.S. hs.samix at gmail.com
Tue Jun 8 10:06:29 MDT 2010 

Hello.

I have three separate networks on my LAN:
wired network (192.168.0.0/24)
wireless network (192.168.5.0/24)
VPN (172.16.15.0/24)

Here is an ASCII art showing my setup:
            ,----------.
ppp0 <------eth1    eth0--192.168.0.0/24--->to LAN switch
            |      wlan0--192.168.5.0/24---> WLAN
            |       tun0--172.16.15.0/24---> VPN
            |__________|

                 |
        "ROUTER": Samba and VPN server machine


"ROUTER" is running Debian Testing and 2.6.30-2-686 kernel. The VPN
client mentioned below is a Dell laptop running Ubuntu Karmic.


I have setup Samba with a shared folder on the VPN server. I can browse
the Samba network from wireless machines fine. But I cannot do so from a
wireless machine with a VPN connection, i.e. VPN clients from my WLAN do
not see the Samba network (from Gnome Network browsing GUI). This is
what I wanted to achieve but it is not working. What am I missing here?

I have the following in smb.conf file (wireless clients are not allowed
intentinally, the idea is to allow them only via VPN):
hosts allow = 127.0.0.1 192.168.0.0/24 172.16.15.0/24
hosts deny = 0.0.0.0/0


Now, at this point, from a machine on wireless LAN, I am able to mount
the samba shared folder on "ROUTER" using "sudo smbmount .... -o
user=guest". However, I do not see the share from Gnome's Network GUI
tool. On the other hand, if the machine is put on the wired network, and
is connected via VPN, the GUI can see the share without any problems. In
short, smbmount works from LAN and from VPN, but Gnome Network browsing
works only from LAN and not from VPN. What have I missed in the setup?


In case this is relevant, when I start samba on the firewall machine
"ROUTER" , I see the following in its log:
  *****
  Samba name server ROUTER is now a local master browser for workgroup
ROUTERSMB on subnet 192.168.0.1
  *****
<SNIP>
  *****
  Samba name server ROUTER is now a local master browser for workgroup
ROUTERSMB on subnet 192.168.5.1

  *****

Why do only these two networks act as a local browser and why doesn't
VPN (172.16.15.0/24) also do so?


Thanks in advance.

-- 

Please reply to this list only. I read this list on its corresponding
newsgroup on gmane.org. Replies sent to my email address are just
filtered to a folder in my mailbox and get periodically deleted without
ever having been read.

More information about the samba mailing list