VPN and SMB

Albert Cervera Areny albert at wickywicky.net
Tue Nov 12 08:16:17 GMT 2002 

Well, I think I didn't explain very well (too late night ;) I know how to
build the VPN, I'm in fact using FreeSwan and that is not the problem. The
thing is that I know how it works at IP level and how routing should work.

However, I'm not an expert in SMB protocol and that's why I ask this
question here. Tell me if you still think this would be off topic and
sorry if so.

Thus, the question is how can I make two independent networks for example
192.168.1.x and 192.168.2.x to see each other, keeping in mind that I have
a router in each side. I'm trying to analyze (at IP level) what will
happen when a machine from network 192.168.1.x when asks for a resource
which  it si not in its network. As far as I know the client will search
for the resource in its network through broadcast and I don't know how to
tell the client that this specific resource is in another network. Should
I specify a new gateway in the client?

I don't know if now it is clear what I mean.. sorry for my english (i do
my best :)

Thanks in advance!

> On Monday 11 November 2002 16:06, albert at wickywicky.net wrote:
>> I have to build a VPN within two networks each with a SMB network with
>> a Windows NT server and machines from both sides need to have access
>> to a file share of the server from the other side.
>
> Well, this is REALLY off-topic for an SMB Clients list, but I happen to
> know  the answer.
>
>> I wanted to do it with only one gateway configured in each windows
>> computer  and leave the routing decision to my linux router but I
>> don't know if it is possible.
>
> You need two gateways, one for each network.  And Linux is the wrong
> tool for  the job, unless you're into compiling custom kernels.  The
> protocol you want  to use is called IPSec, and it's illegal under US law
> to include it in the  Linux kernel.  I strongly recommend OpenBSD for
> VPN gateways -- since NO  OpenBSD code is produced in the United States,
> it comes out of the box with  IPSec built in.
>
>> Could somebody explain me how should it be configured?
>
> You have a lot of reading and research to do.  Learn all you can about
> IPSec,  and then ask this question on a mailing list that deals with
> those issues.
>
> Ken Barber

More information about the smb-clients mailing list