[Samba] Openvpn and samba: play nice together?

Allen Chen achen at harbourfrontcentre.com
Mon Nov 2 14:45:27 UTC 2015 

openVPN with TUN connection works perfect here.
I configured 2 TUN connections to connect two remote offices(over DSL 
line) to our main site without any issue.
Here is my configuration:
Main site: samba4 AD DC server1, plus a file server1, and a dedicated 
openVPN server
site1: samba4 AD DC server2, plus a file server2, and a dedicated 
openVPN server with TUN connection to the main site
            all clients log in to this AD DC and can map share on file 
server2(local) and on file server1(located in the main site)
site2: no AD DC, but a dedicated openVPN server with TUN connection to 
the main site
            all clients log in to the AD DC on the main site, and map 
share on file server1(located in the main site)

I think if you don't use browse function then you don't need TAP connection.
AD DC uses DNS without any broadcast.

Allen

On 11/1/2015 7:20 AM, Christian Keck wrote:
> You definetly need a TAP connection to make samba work over VPN. We use OpenVPN host2net-accounts created with IPCop here since quite a while and it works with samba without problems. However, the speed is of course not as fast as in local net, but this is rather related to the way the SMB-protocoll works. ;-)
>
> ________________________________________
> Von: samba [samba-bounces at lists.samba.org]" im Auftrag von "Reindl Harald [h.reindl at thelounge.net]
> Gesendet: Sonntag, 1. November 2015 05:41
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Openvpn and samba: play nice together?
>
> Am 31.10.2015 um 21:45 schrieb Douglas D Germann Sr:
>> I'm stumped! Cannot get mount.cifs to work over a tun connection. How
>> would you trouble-shoot this?
>>
>> 1. It cannot be openvpn causing the problem: I can ping across the
>> connection both directions on all machines
> TUN is a routed VPN with no broadcast over networks
> TAP is a bridged VPN
>
> so it *can* and likely is how you setup your VPN
>
>
>
>


-- 
Allen Chen
Network Administrator
IT

Harbourfront Centre

235 Queens Quay West, Toronto, ON
M5J 2G8, Canada | harbourfrontcentre.com <http://www.harbourfrontcentre.com>
Office: +1 416 973 7973
Cell: +1 416 556 2493

More information about the samba mailing list