[Samba] Blocking workgroup discovery

Gaiseric Vandal gaiseric.vandal at gmail.com
Thu Jun 24 06:00:02 MDT 2010 

I think, by the fundamental nature of how networking protocols work, that
broadcasts do not pass through routers -  although with a VPN it may be a
little different.


However, I have the same situation.  A Windows server on the host network
shows my "home" workgroup in the network neighborhood.  However I can't see
my home computer listed in it.  If I know the ip of my home computer I can
use "net use \\x.x.x.x" to get to shares on it.  


My VPN client (sonicwall) has a virtual network interface that gets an IP
from the same class C range as the host network.  From the perspective of
the samba server, my home PC is on the local work network.  The VPN
configuration on the server includes an option "Enable Windows Networking
(NetBIOS) Broadcast - disabled" -  I am not sure if that means NBT (NetBios
over TCP/IP) or the really old NetBEUI (remember Windows for Workgroups?)
VPN Clients are not using WINS -  I thought this would fix the issues but it
didn't.  The Samba server is not the WINS server but it is (or should be)
the master browser.

I don't know if this means that my host PC has registered with the browser
on the samba server OR if broadcasts initiated by my host PC on the VPN
virtual network interface are passing through the VPN.    My local PC's
Network Neighborhood only shows its own workgroup, not the corporate one or
other VPN users.   Maybe I can adjust my Windows firewall setting to block
outgoing netbios.

  






-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Tjerk Jan Vonk
Sent: Thursday, June 24, 2010 5:24 AM
To: samba at lists.samba.org
Subject: [Samba] Blocking workgroup discovery

Hi all,

At my work I`ve set up a VPN. When I connect to it, my colleagues see 
all the workgroups from my side of the VPN (I live on a campus with ~50 
workgroups). Do you know how I block the workgroup discovery on through 
the VPN gateway? Is the broadcast done on a specific port? Is samba 
actively repeating the broadcast and their replies?

Greetings

Tjerk Jan
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list