|
|
LZO-compression was no problem. For the interested reader, I just downloaded the lzo-1.08.tar.gz tarball from www.oberhumer.com, installed it, reinstalled openvpn and finally I enabled lzo compression in my config files. -----Oprindelig meddelelse----- Fra: René Pedersen [mailto:rene76@xxxxxxx] Sendt: 6. april 2004 00:07 Til: openvpn-users@xxxxxxxxxxxxxxxxxxxxx Emne: Re: Re: Re: [Openvpn-users] howto change gateway??? Hi again, Good news :) After a lot of trials and errors I found a working configuration. My smb.conf looks like this: [global] log file = /var/log/samba/log.%m share modes = yes load printers = no lock directory = /var/lock/samba workgroup = NYT-SKAB invalid users = root security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd server string = NYT SKAB server socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no interfaces = tap0 eth0 bind interfaces only = yes netbios name = SAMBASERVER wins support = yes guest account = nobody local master = yes domain master = yes preferred master = yes os level = 65 [standard] comment = disk 1 path = /mnt/disk1/standard read only = no max connections = 5 create mode = 0750 I tried to comment out the settings for wins in the smb.conf (from wins support = yes .... os level 65), and it seems to work anyway. So maybe wins is not neccessary? My config.conf for OpenVPN on my linux server writes the following: dev tap ifconfig 10.3.0.1 255.255.255.0 secret key.txt ping 10 verb 3 mute 10 The config.ovpn on my xp-box includes the following lines: remote x.x.x.x <------- wan ip of my linux server dev tap ifconfig 10.3.0.2 255.255.255.0 secret key.txt ping 10 verb 3 mute 10 ip-win32 manual It took some time before I found the "ip-win32 manual" option. Without this option OpenVPN tries to automatically set the ip-settings for the TAP-device, and this broke my head with questions. Sometimes it worked and sometimes it did not work. And whenever it worked I could not identify what I had done to make it work. However, with the "ip-win32 manual" option it works, when I on my xp-box within the properties for my TAP-device: 1) enter the clients tunnel ip and subnet (for me: 10.3.0.2 and 255.255.255.0) in the tcp/ip settings, 2) enter the ip address for my WINS-server (for me: 10.3.0.1 because I have enabled the wins-server in the smb.conf) in the WINS-settings, and finally 3) enable the "NETBIOS over TCP/IP" obtion. After starting OPENVPN on my server and xp-box (and a restart of my samba-server) I just had to hit .... START --> RUN: "\\10.3.0.1" or RUN:"\\sambaserver".... and the directories of my samba-server were available in my xp-browser :) But something strange is happening when I exit a vpn-session and initiate it again (without restarting windows): Whenever I make a change in the my xp-browser to the files and directories on my samba server, I have to refresh the browsing window to see the changes in the window. Why is that???? Next I will try the LZO-compression to see if this makes the vpn-link faster for me. I see that there is among others two LZO packets available to me. A mini-packet and a large packet. Which should I choose??? I'm all ears, if you identify any errors in my configuration. Thankyou for the feed back. Regards, René -----Oprindelig meddelelse----- Fra: openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx]På; vegne af John Locke Sendt: 4. april 2004 20:05 Til: rene pedersen Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx Emne: Re: Re: [Openvpn-users] howto change gateway??? On Sun, 2004-04-04 at 07:02, rene pedersen wrote: > Thanks again for the help. > > I am leading you in the wrong direction. I think I have a routing problem. > If you can ping through the tunnel, it's not a routing problem. > When I establish the tunnel within the LAN with the samba server, I am able > to > 1) ping the samba server through the tunnel (ip 10.3.0.1), > and after I have restarted the samba server, I can > 2) connect to the samba server through the tunnel (ip 10.3.0.1). > > This I can do without the "interfaces = ..." and WINS settings in the > smb.conf. > > However, when I establish the tunnel over the internet I can only ping > through the tunnel. When I run "\\10.3.0.1" no connection to the samba server is > found. > > So the problem arises, when I try to connect to the samba server through: > > XP openvpn client > 192.168.2.x > | > V > 192.168.2.1 > Firewall box > 192.168.1.1 > | > V > 192.168.1.100 > cable modem > a.b.c.d > | > V > Internet > | > V > e.f.g.h > ADSL-modem > 192.168.1.1 > | > V > 192.168.1.2 > Firewall box > 192.168.2.1 > | > V > 192.168.2.y > Samba server > > Why can I ping through the tunnel, but not connect to the samba server? Okay, obviously it's some issue with Windows networking. It looks like Renato can help you with the server end, but the problem might also be on the client. Two possibilities: firewall or NetBIOS not enabled on the tun device. It could be that while you're connected to the LAN, Windows Networking is simply bypassing the tap device and using the NIC directly, unencrypted, to connect to the Samba server (because it broadcasts a request for a server matching the name, and your Samba server answers, even though it's not using that interface at the time...) If you've recently upgraded to Windows XP Service Pack 2, the Windows Firewall has probably been "helpfully" turned on for you. In Network Connections, open the properties page for the tap device, go to the Advanced tab, and check your firewall settings (turn it off completely for this device). If you have any other firewall running on your client, check its settings, too. The other thing is whether the client will pass NetBIOS requests through the tunnel. In the advanced properties for the tap device, make sure Client for Microsoft Networks is listed. Then go into the TCP/IP settings for the connection, and look on the WINS tab. I forget which option you need--somehow you need to allow NetBIOS over TCP/IP. And while you're there, give it the IP address for the WINS server, because the broadcast won't get routed through the tunnel. And make sure you turn WINS on on the Samba server... Restart your computer if you made any changes, and it should work... Hope that helps... Cheers, -- John Locke Open Source solutions for small business problems http://freelock.com ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |