Hello.
I have three separate networks on my LAN:
wired network (192.168.0.0/24)
wireless network (192.168.5.0/24)
VPN (172.16.15.0/24)
Here is an ASCII art showing my setup:
,----------.
ppp0 <------eth1 eth0--192.168.0.0/24--->to LAN switch
| wlan0--192.168.5.0/24---> WLAN
| tun0--172.16.15.0/24---> VPN
|__________|
|
"ROUTER": Samba and VPN server machine
"ROUTER" is running Debian Testing and 2.6.30-2-686 kernel. The VPN
client mentioned below is a Dell laptop running Ubuntu Karmic.
I have setup Samba with a shared folder on the VPN server. I can browse
the Samba network from wireless machines fine. But I cannot do so from a
wireless machine with a VPN connection, i.e. VPN clients from my WLAN do
not see the Samba network (from Gnome Network browsing GUI). This is
what I wanted to achieve but it is not working. What am I missing here?
I have the following in smb.conf file (wireless clients are not allowed
intentinally, the idea is to allow them only via VPN):
hosts allow = 127.0.0.1 192.168.0.0/24 172.16.15.0/24
hosts deny = 0.0.0.0/0
Now, at this point, from a machine on wireless LAN, I am able to mount
the samba shared folder on "ROUTER" using "sudo smbmount .... -o
user=guest". However, I do not see the share from Gnome's Network GUI
tool. On the other hand, if the machine is put on the wired network, and
is connected via VPN, the GUI can see the share without any problems. In
short, smbmount works from LAN and from VPN, but Gnome Network browsing
works only from LAN and not from VPN. What have I missed in the setup?
In case this is relevant, when I start samba on the firewall machine
"ROUTER" , I see the following in its log:
*****
Samba name server ROUTER is now a local master browser for workgroup
ROUTERSMB on subnet 192.168.0.1
*****
<SNIP>
*****
Samba name server ROUTER is now a local master browser for workgroup
ROUTERSMB on subnet 192.168.5.1
*****
Why do only these two networks act as a local browser and why doesn't
VPN (172.16.15.0/24) also do so?
Thanks in advance.
--
Please reply to this list only. I read this list on its corresponding
newsgroup on gmane.org. Replies sent to my email address are just
filtered to a folder in my mailbox and get periodically deleted without
ever having been read.
H.S.
2010-Jun-09 16:47 UTC
[Samba] [part success] Re: cannot see or browse a share from a VPN client
On 08/06/10 12:06 PM, H.S. wrote:> Hello. > > I have three separate networks on my LAN: > wired network (192.168.0.0/24) > wireless network (192.168.5.0/24) > VPN (172.16.15.0/24) > > Here is an ASCII art showing my setup: > ,----------. > ppp0 <------eth1 eth0--192.168.0.0/24--->to LAN switch > | wlan0--192.168.5.0/24---> WLAN > | tun0--172.16.15.0/24---> VPN > |__________| > > | > "ROUTER": Samba and VPN server machine > > > "ROUTER" is running Debian Testing and 2.6.30-2-686 kernel. The VPN > client mentioned below is a Dell laptop running Ubuntu Karmic.Well, got some of it working. Here are the settings that worked for me: interfaces = 127.0.0.0/8 172.16.15.0/24 eth0 wlan0 tun0 # samba host not visible on VPN client without the following remote announce = 172.16.21.255 #for security (allow only local, wired lan and VPN clients) hosts allow = 127.0.0.1 192.168.0.0/24 172.16.15.0/24 hosts deny = 0.0.0.0/0 Even though I can see and browse to the samba share from Gnome's Network GUI from a VPN client, but I cannot access the shared folder. The Network GUI reports "Unable to mount location - Failed to mount windows share". Note that I can mount the share using smbmount command by specifying the user=guest option, however. Here is the smb.conf file on ROUTER: #-----------------------------------------------------------> grep -v '^[#;]' /etc/samba/smb.conf | grep -v '^ *$'[global] workgroup = routersmb server string = %h server dns proxy = no interfaces = 127.0.0.0/8 eth0 wlan0 tun0 remote announce = 172.16.21.255 hosts allow = 127.0.0.1 192.168.0.0/24 172.16.15.0/24 hosts deny = 0.0.0.0/0 log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = share encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes [homes] comment = Home Directories browseable = no read only = yes create mask = 0700 directory mask = 0700 valid users = %S [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [SharedFolder] comment = Shared folder for general use. browsable = yes guest ok = yes path = /media/common_folder writable = yes ;force create mode = 0770 ;force directory mode = 0775 #----------------------------------------------------------- So, what am I missing further regarding this failure of Gnome Network GUI to mount the windows share? Thanks. -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read.