Kinda OT. I've been trying to get Samba running on a Centos 5 box for some time now, but can't seem to get it to happen. I can not connect to the machine from our external network but I can connect from a box on the same network. So it seems like a firewall problem. Funny thing is I have no problem with Samba on a Centos 6 box. For now, that's the one I'm using for all of my mounts. I have looked and looked at my firewall to try and find a difference in the "allows", but can find nothing, so I ask... Does anyone have a clue as to whether there was a difference in the setup for Samba on Centos 5 from the setup on Centos 6 that might be a 'gotcha'? Sorry for the stupidity. I've checked all the ports needed, both TCP and UDP, and they all seem to be open. I'm hoping there was a change in defaults or something I'm just overlooking. Thanks steve campbell
On Mon, 2014-03-10 at 11:45 -0400, Steve Campbell wrote:> Kinda OT. > > I've been trying to get Samba running on a Centos 5 box for some time > now, but can't seem to get it to happen. I can not connect to the > machine from our external network but I can connect from a box on the > same network. So it seems like a firewall problem.This is covering the basics, but did you perhaps limit the IP range allowed to connect to the samba service in /etc/samba/smb.conf in either the interfaces or hosts allow = statements to exclude the external network? As far as I know these statements have not changed between CentOS 5 and 6. Sane defaults typically limit this so your shares are not potentially exposed to the wider internet. Alternatively, is your default route set up properly for the other network on both machines? If your samba is configured for access via tcp_wrappers /etc/hosts.allow and /etc/hosts.deny comes into play. This is again not standard configuration. If these suggestions don't solve it we may need extracts from your configuration files. Exclude comments and mask sensitive information before you post these. In the basic port open or not firewall configuration the server should not care where the connection comes from so I would look at the samba configuration first.