Hello All, I have a strange problem regarding samba 3.0.37 I have samba server installed in the local network behind NAT, the router iptables are configured as follows: #samba $IPT -t nat -A PREROUTING -i $INET_IFACE -p udp -d $INET_IP -m multiport --dports 137,138 -j DNAT --to-destination $FILESERV $IPT -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $INET_IP -m multiport --dports 139,145 -j DNAT --to-destination $FILESERV #samba $IPT -A FORWARD -p udp -m state --state NEW -i $INET_IFACE -d $FILESERV -m multiport --dports 137,138 -j ACCEPT $IPT -A FORWARD -p tcp -m state --state NEW -i $INET_IFACE -d $FILESERV -m multiport --dports 139,145 -j ACCEPT The samba server is working fine and both smbd and nmbd are started. I have no problems accessing samba shares from local network using \\IP or \\HOSTNAME But when I try to access samba from outside of my network I can only use \\IP, any attempt to use \\HOSTNAME results in "Windows couldn't find HOSTNAME..." message, though HOSTNAME on windows machine is resolved correctly. I thought it might be related to "interfaces" option, so I added router address into it but still cannot access samba by HOSTNAME from outside of the network. I all so sure that the problem doesn't relate to one particular windows setup since I can reproduce the problem on all windows machines outside local network. From samba log files it looks like there is no connection comes when \\HOSTNAME is used on windows computers. I would appreciate if someone could shed a light upon the problem. Thanks in advance. -- Best regards, Igor mailto:sprog at online.ru
2010/1/21 Igor <sprog at online.ru>:> Hello All, > > ?I have a strange problem regarding samba 3.0.37 > > ?I have samba server installed in the local network behind NAT, the > ?router iptables are configured as follows: > > ?#samba > ?$IPT -t nat -A PREROUTING -i $INET_IFACE -p udp ?-d $INET_IP -m multiport --dports 137,138 -j DNAT --to-destination $FILESERV > ?$IPT -t nat -A PREROUTING -i $INET_IFACE -p tcp ?-d $INET_IP -m multiport --dports 139,145 -j DNAT --to-destination $FILESERV > > ?#samba > ?$IPT -A FORWARD -p udp -m state --state NEW -i $INET_IFACE -d $FILESERV -m multiport --dports 137,138 -j ACCEPT > ?$IPT -A FORWARD -p tcp -m state --state NEW -i $INET_IFACE -d $FILESERV -m multiport --dports 139,145 -j ACCEPT > > ?The samba server is working fine and both smbd and nmbd are started. I > ?have no problems accessing samba shares from local network using \\IP or > ?\\HOSTNAME > > ?But when I try to access samba from outside of my network I can only > ?use \\IP, any attempt to use \\HOSTNAME results in "Windows couldn't > ?find HOSTNAME..." message, though HOSTNAME on windows machine is resolved > ?correctly. > > ?I thought it might be related to "interfaces" option, so I added > ?router address into it but still cannot access samba by HOSTNAME from > ?outside of the network. I all so sure that the problem doesn't relate to > ?one particular windows setup since I can reproduce the problem on all > ?windows machines outside local network. > > ?From samba log files it looks like there is no connection comes when > ?\\HOSTNAME is used on windows computers. > > > ?I would appreciate if someone could shed a light upon the problem. > ?Thanks in advance.try \\fully.qualified.dns.name.of.samba.server -- Eero
Hello James, Friday, January 22, 2010, 1:11:12 AM, you wrote: You're right, I messed it up, that was causing the problem in the first place. Now all the Windows XP machines outside of the network are able to connect to samba server using both \\HOSTNAME and \\IP. But Windows 2003 server is still only able to use \\IP. :-), but I will figure it out. Many thanks!>> #samba >> $IPT -t nat -A PREROUTING -i $INET_IFACE -p udp -d >> $INET_IP -m multiport --dports 137,138 -j DNAT >> --to-destination $FILESERV >> $IPT -t nat -A PREROUTING -i $INET_IFACE -p tcp -d >> $INET_IP -m multiport --dports 139,145 -j DNAT >> --to-destination $FILESERV >> >> #samba >> $IPT -A FORWARD -p udp -m state --state NEW -i $INET_IFACE >> -d $FILESERV -m multiport --dports 137,138 -j ACCEPT >> $IPT -A FORWARD -p tcp -m state --state NEW -i $INET_IFACE >> -d $FILESERV -m multiport --dports 139,145 -j ACCEPT >>JZ> Also, JZ> Is port 145 in your ruleset a typo? JZ> Try changing that to port 445. JZ> James Zuelow JZ> Network Specialist JZ> City and Borough of Juneau MIS (907)586-0236 -- www.rol.ru Best regards, Igor mailto:sprog at online.ru