Tomasz Chmielewski
2004-Nov-23 23:55 UTC
[Samba] Samba 3 can't listen on VPN / tun interfaces?
Hello,

I have an OpenVPN running on a system with Samba 3.0.9.

However, with this setting (tun2 is my VPN device):

    interfaces = tun2, lo
    bind interfaces only = Yes

it doesn't bind to tun2, but to ppp0.

What the heck?

Tomek
Tomasz Chmielewski
2004-Nov-24 23:11 UTC
[Samba] Samba 3 can't listen on VPN / tun interfaces?
rruegner wrote:
> Hi,
> please read the FAQs from openvpn,
> you will find that only tap interfaces are working
> with windows/samba, but you're in luck that it isn't a big problem to
> set them up

Quite the contrary, switching from tun to tap appeared to be a big problem - I spent a couple of hours trying to figure out why I can't reach or ping hosts on the other side of the VPN when I use tap (using tun it wasn't a problem at all).

So here is the solution if someone had a similar problem (both sides are running Linux 2.6 and OpenVPN 1.6):

Side A - standalone server:

    openvpn --remote remote-side-B.tld --dev tap --ifconfig 192.168.5.2 255.255.255.0 --verb 4 --comp-lzo --resolv-retry 999999 --ping-restart 120 --ping 60 --port 5001 --daemon
    route add -net 192.168.0.0/24 gw 192.168.5.2 dev tap0

Side B - a server + LAN:

    openvpn --remote remote-side-B --dev tap --ifconfig 192.168.0.232 255.255.255.0 --verb 4 --comp-lzo --resolv-retry 999999 --ping-restart 120 --ping 60 --port 5001 --daemon
    route add -host 192.168.5.2 gw 192.168.0.232 dev tap0
    echo "1" > /proc/sys/net/ipv4/conf/tap0/proxy_arp

The last line (echo ... proxy_arp) is necessary if you want to reach LAN clients from Side A! This is not necessary with tun, however.

I was getting something like this if I didn't set it (and couldn't ping or reach any machine):

    linux:~ # tcpdump -i tap0
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on tap0, link-type EN10MB (Ethernet), capture size 96 bytes
    21:36:43.553713 arp who-has pc009 tell 192.168.5.2
    21:36:44.552816 arp who-has pc009 tell 192.168.5.2

Don't forget to set up the right routing on LAN clients (if necessary).

Tomek
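
Added example, not part of the original thread: one way to confirm which addresses smbd actually listens on after setting "interfaces" and "bind interfaces only", by parsing a /proc/net/tcp table and flagging SMB listeners (ports 139/445) bound outside the intended addresses. The sample table, the addresses 10.8.0.1 (tun2) and 203.0.113.7 (ppp0), and the function names are constructed for illustration; IPv4 on a little-endian host is assumed.

```python
import socket
import struct

SMB_PORTS = {139, 445}   # NetBIOS session service and SMB over TCP
TCP_LISTEN = "0A"        # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (trailing columns trimmed).
# Assumed addresses: 10.8.0.1 = tun2, 203.0.113.7 = ppp0.
SAMPLE = """\
  sl  local_address rem_address   st
   0: 0100007F:01BD 00000000:0000 0A
   1: 0100007F:008B 00000000:0000 0A
   2: 077100CB:01BD 00000000:0000 0A
   3: 077100CB:008B 00000000:0000 0A
   4: 00000000:0016 00000000:0000 0A
   5: 077100CB:01BD 0200080A:C001 01
"""

def decode_addr(field):
    """Turn '0100007F:01BD' into ('127.0.0.1', 445) (little-endian host, IPv4)."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)

def smb_listeners(proc_net_tcp):
    """Return (ip, port) for every listening socket on an SMB port."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != TCP_LISTEN:  # ignore non-LISTEN sockets
            continue
        ip, port = decode_addr(cols[1])
        if port in SMB_PORTS:
            found.append((ip, port))
    return found

def unexpected_listeners(proc_net_tcp, allowed_ips):
    """SMB listeners bound outside allowed_ips; 0.0.0.0 counts as unexpected."""
    allowed = set(allowed_ips)
    return [(ip, p) for ip, p in smb_listeners(proc_net_tcp) if ip not in allowed]

if __name__ == "__main__":
    # Intended binding from smb.conf: interfaces = tun2, lo
    for ip, port in unexpected_listeners(SAMPLE, {"127.0.0.1", "10.8.0.1"}):
        print(f"smbd listening outside allowed interfaces: {ip}:{port}")
```

On a live system, pass the contents of /proc/net/tcp and the addresses currently assigned to the interfaces named in smb.conf instead of the sample values.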