[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] samba, my network places, and routed vpn

  • Subject: Re: [Openvpn-users] samba, my network places, and routed vpn
  • From: Colin Ryan <colinr@xxxxxxxx>
  • Date: Sun, 06 Jan 2008 11:17:09 -0500


This is all easier said than done. I've tried it a couple of times 
ultimately with no success.

Instead of outlining what's required (which I will do) I will start with 
- from my trying it and reading (maybe someone will set me straight) 
I'll start with why/when it doesn't work.

#1 Problem: Name resolution and browsing are not the same thing and it's 
browsing that is the "bitch".

Fundamentally you can get name resolution by way of Samba, where the 
samba server will broadcast to the remove subnet and get the result, but 
these queries do NOT build the master browser list with IP addresses, 
just names.

So the crux of it is that unless you have a domain controller that the 
workstations register with and then enable WINS services or maybe if you 
have your Samba box being the domain controller (and handing out IP's)  
then I believe a proper browsing list get's created. But if you have no 
domain controller it is my feeling that your SoL with respect to browsing.

--- Requirements for cross domain browsing --
The general problem with the Windows networking in a network containing 
(any sort of) routers is that it relies on broadcasts for name 
resolution and browse lists, and routers usually don't pass broadcasts. 
Communication of machine names and browse lists (i.e. the lists you can 
see in the "Network Neighborhood" windows) across subnets requires the 
use of machines which run special services:

*(at least) one WINS server in the network - must be configured;
*one domain master browser for each Workgroup or Domain - must be 
*one local master browser in each subnet - selected automatically among 
all active Windows (9x/NT) or Samba machines but can be configured to 
prefer a machine with long uptime for reliability.
*It is possible to use Windows NT machines or Samba for each of these 
tasks. The file BROWSING.txt from the Samba documentation explains how 
this works and how to set it up.
*It is also necessary that all machines participating in the Windows 
network are configured to use the WINS server for name resolution.

Dave wrote:
> Hello,
>     I've got a routed openvpn setup on a box that is also running samba. I 
> would like my connecting network clients to be able to browse samba shares 
> from their network places. I know that broadcasts don't work in routing 
> mode, just bridging, i've got samba acting as a wins server for the local 
> lan and push that option to the network connecting vpn clients. The 
> connecting clients however still can not see network shares. Did i miss 
> something? Aside from this everything else works?
> Thanks.
> Dave.
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

Openvpn-users mailing list