[Samba] Windows drive mapping using alternate port

Gaiseric Vandal gaiseric.vandal at gmail.com
Thu Feb 6 13:45:37 MST 2014

As far as I know, most IPSec VPN solutions allow to enable split 
tunneling.     The client's non corporate traffic does not get routed 
via the corporate VPN. (Some companies may turn this OFF because they 
don't want a client access the corporate network while possibly being 
remotely monitored or controlled by an internet attacker.)

Do you know what VPN solution you are using.   This is something for the 
VPN/Firewall/Router sysadmin to manage.

Are you using Samba 3 or Samba 4-  you could probably get traffic 
running over ports 137, 138 and 139 since Samba 3 doesn't actually run 
file traffic over 445.

However, I don't think the Windows file server protocol (samba or not) 
was really designed for heavy use over the internet.  Even "fast" 
internet links are slow compared to most LAN speeds. It might be ok for 
people copying files back and forth but not editing files directly from 
network shares.    (from my experience.)        You may be better off 
looking at a remote desktop type solution for a some of the users .

It also seems incredibly insecure to have a file server directly 
accessible from the Internet.

On 02/06/14 15:26, Chris Weiss wrote:
> depends on the specific vpn solution you pick.  pretty sure they all
> some option like that
> On Thu, Feb 6, 2014 at 2:19 PM, Kris Springer
> <kspringer at innovateteam.com> wrote:
>> Unchecking such a box would be ideal and may solve my problem.  Where is
>> this checkbox found?
>> Thanks.
>> Kris
>> -----Original Message-----
>> From: Chris Weiss [mailto:cweiss at gmail.com]
>> Sent: Thursday, February 06, 2014 12:11 PM
>> To: Kris Springer
>> Cc: Günter Kukkukk; samba
>> Subject: Re: [Samba] Windows drive mapping using alternate port
>> On Thu, Feb 6, 2014 at 2:04 PM, Kris Springer <kspringer at innovateteam.com>
>> wrote:
>>> I've got 50 remote users possibly doubling in the next year.  The idea
>>> is to map a drive that they have easy and constant access to.  If I
>>> tell everyone to VPN then the traffic on my server's network will go
>>> through the roof since all traffic for everyone will route through the
>>> VPN and not their local networks for regular internet use.  Skype
>>> would become unusable as well as a few other things.  A VPN would be
>>> ideal if it were only a few users that accessed the shares
>>> intermittently, but for 50+ users with constant access it's not really
>>> feasible.  Is this starting to sound like a situation where remote
>>> access just isn't going to work?  Is Samba simply a local file sharing
>> server that isn't really useful in today's remote world?
>>> Is there some other alternative that someone could suggest?
>> uncheck the "route all traffic through vpn" box.

More information about the samba mailing list