I do use IPsec VPN with SAMBA with many locations. This it with both
Firewall to Firewall VPN with 2 Sonicwalls, Firewall to Firewall with
Sonicwall on one side and Netopia 9100 Router connected to a cable modem on
the other. And Sonicwall firewall to Sonicwall VPN. In every scenario one
thing is need in order to get things to work properly and this is a WINS
server. Make sure every machine points to you WINS server (of course SAMBA
can act as one and works very well.) This is due to NetBIOS broadcast will
not go past any router. Since a looks like a router to NetBIOS, it will not
be able to see machines in your network neighborhood unless you and the
other machines are using the same WINS server. Once this is fixes, exchange
server and domain logins will work fine.
	-Scott Shackelford
> -----Original Message-----
> From: samba-bounces+scott=customtransport.com@lists.samba.org
> [mailto:samba-bounces+scott=customtransport.com@lists.samba.org]On
> Behalf Of Eric A Rasor
> Sent: Wednesday, August 06, 2003 4:34 PM
> To: samba@lists.samba.org
> Subject: [Samba] NetBIOS over ipsec using samba
>
>
> I am sure someone has had success getting NetBIOS names to
> transfer from one
> side of a VPN to the other, but I'm not that person (yet).  I
> have read all
> available documentation and newsgroups and have exhausted my patience.  I
> have a linux box running 2.4.21 kernel with Freeswan on each end of a VPN
> (its working).  I have "Arno's iptables" firewall installed
on
> each end (It
> is working).  I have samba 2.2.8a running on each of those machines (it is
> working).  But for the life of me I can't get the settings correct
using
> swat to make them exchange information.  Here are the basic
> questions that I
> have which have been answered in mailing lists but with different answers
> (sometimes very opposite of each other).  Some of the answers to these
> questions will eliminate the need for answering the others, I know... But
> please do, since I have not had any sleep for 4 days.
>
> 1.	Does anybody have this scenario running successfully?  Can I see
> your configuration?
> 2.	Can the workgroup on each side of the VPN be the same?
> 3.	Can the domain (Exchange Server) on one end have the same name as
> the workgroup?
> 4.	Am I going about it wrong if I have the Exchange Server running on
> one side?
> 5.	Should I just give up and write out big nasty lmhosts definitions?
>
> Thanks in advance
>
> ER
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>