[Samba] Samba WINS issues over VPN

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed Mar 2 12:44:08 MST 2011

I am running Samba 3.4.8 as a PDC on Solaris 10.    I recently made this 
the WINS master-  previously the BDC (Samba 3.0.37 on another Solaris 10 

I also use Sonicwall ipsec VPN for remote access (Windows XP clients.)   
The sonicwall client creates a virtual NIC on the client so that the 
client can have an IP address directly on the company LAN (ie. the same 
LAN as the samba servers.)  I can, via dhcp, assign the WINS server IP 
to the sonicwall clients.

All ports should be open through the firewall between the sonicwall 
client NIC and the corporate LAN.   VPN clients can map network drives 
to windows or samba servers over the VPN.   NetBIOS broadcasts may be 

It appears to that WINS functionality does not work over VPN.     There 
are two pieces of evidence:

1.  No Wins.dat registration over VPN.
On the WINS server, I can view look at the wins.dat file to see which 
machines registered with the wins server.     If I connect from an XP  
laptop over the VPN, I do not see the machine in wins.dat.  (It does get 
added to browse.dat.)

2. NBlookup fails over VPN.
Microsoft provides a tool called "nblookup" for doing NetBios name 
lookups by querying a name server.    You can optionally specify the 
WINS server if the client is not configured to use one, or it you want 
to query a different WINS server.

     e.g nblookup SOMEMACHINE
            nblookup -s IP_OF_WINS_SERVER SOMEMACHINE


If the XP laptop is connected directly to the corporate LAN,  nblookup 
works fine.     If the XP laptop is connected via VPN, then nblookup 
fails, even if I specify the wins server IP address.  I tried this with 
both the current WINS server as well as the old WINS server (prior to 
the cutover.)

I would appreciate advice.


More information about the samba mailing list