doing wins is always the better choice, and it takes no costs
to the network, some older progs ignore dns and do only wins.
I always setup Samba as a wins server, to avoid additional broadcasts by the windows clients, have a propper setup internal dns should be the normal case.
But this seems to me is only a add in your case.
Adsl or isdn , is only a question from performance , it doesnt relate to the quality of the vpn. ( for sure it should be stable anyway )
If your network is not really stable , maybe firewall issuses
on the xp client or on the gateway itself, the open and close
from a folder ist not clearly noticed by the server-client connection,
this might be your problem , using tcpdump and etherreal may clear this.
Using vpn ( pptp ) is difficult to setup , cause there are some many parts you have to think off.
I usually test it from a internal machine first.
Even if the pptp conect works from internal works perfectly, i start
to test it from outside.
I allways start the test from a isdn win client directly connected
to the internet , without having any firewall on the client enabled.
( normally after this test this client musst be reinstalled cause its totaly hacked by minutes )
If this works i do the same test via a direct adsl line.
If this works i used to test it with a direct adsl line
and kerio firewall enabled.
I never use Win xp firewall cause of low tuning features.
Also the win xp client should be able to connect to the samba domain
in the internal net without any problems , before trying conect it from vpn.
Last test ist with multiple adsl routers , having pptp passtrough enabled.
During this testing , i tuned the pptpd options to the values i posted,
and it works now stable and nice.
I would start trying conect from a internal machine to the samba
server via vpn, so you are sure it works in principal,
this is the to boarder the bug, after that you know if you have to tune
pptp or samba.
I have a test net , parted from internal and vpn net via a iptables firwall, so no dhcp problems may happen.
As a tip , you should have a look to openvpn which works very nice too,
i use it for static vpn , between my office networks (fixed ips), but you can also use it ( with dyndns ) for windows.But it is not my first choice vor dialup vpns.
Sorry but i dont know any more tips, tracing your network traffic
looking the log on the client server and the gateway should show up the bug.
Best Regards
Mark Huff schrieb:
robert,
the user is coming in via ADSL on both sides of the line....
As he is attaching to the samba share using IP address (not system name) then wins is not needed (is it?)...i.e., he maps the drive from WinXP as \\192.168.1.x\share .
We do not have a problem with him connecting through the VPN at all, only in getting the mapped share to stay where it belongs. He maps the drive initially, and can see the files in the share. He closes the explorer window for the mapped drive, then tries to reopen the explorer window for the drive to view the files and that is when the problem occurs....
I have a feeling it might have something to do with the port 139, but am not sure on that. I have lowered my mtu and mru in the options.pptpd file and initially we got good connection, but then, after being able to open the close the folders a few times, he got the problem of the not being able to open the folder with the error from windows that "the drive is already in use" kind thing. If he disconnected the mapped drive then re-maps it, it connects just fine initially, the just dies away again.
any thing else you can think of??
Mark
-----Original Message----- From: rruegner [mailto:[EMAIL PROTECTED] Sent: Friday, 10 September 2004 8:33 PM To: Mark Huff Subject: Re: [Samba] Using Samba over VPN - shares disconnect on Windows clients
Hi, i have also a dial in vpn over pptp and it works like charme, did you give the right wins server and dns server for the dial in machines, do you use the stripped domain patch? Are you aware that your dial in network range does not conflict with a dhcp server which migth be exist in your network too, what about the firewall ( iptables on the vpn gateway, some on th client? ) What are the samba logs. Are you sure that the problem does not not belong to a pptp passtrough problem on the client side? Inconsitant VPN Networks may result in multiple Problems.
i have something like this as pptp.options Note: to use this on use suse 9 i had to do a few patches ie stripped domain , and 128 bit
chapms-strip-domain name * lock mtu 1490 mru 1490 proxyarp auth +chap +chapms-v2 ipcp-accept-local ipcp-accept-remote lcp-echo-failure 3 lcp-echo-interval 5 deflate 0 mppe-128 mppe-40 mppe-stateless # Specify which DNS Servers the incoming Win95 or WinNT Connection should use # Two Servers can be remotely configured ms-dns 10.10.3.1
# Specify which WINS Servers the incoming connection Win95 or WinNT should use ms-wins 10.10.3.2
logfile /var/log/pptpd.log
i am runnig the pptp server direct on the firewall and have a completly seperated net for dial in
Best Regards
Mark Huff schrieb:
I am running Poptop 1.1.4 VPN server, Samba 3.0.6, RH 9 (2.4.20-8 patched for mppe-mppc). When the end user connects via VPN, they can create a
share
to the samba shared folder that was created. When they clost the explorer window, then reopen the shared drive from the "My Computer" view, the
share
can not be re-opened with the error that the mapped drive is alreay in
use.
I have searched high and low for possible solutions and have tried just about all of them, but nothing seems to correct this issue.
The network for the Samba server and Redhat is 192.168.1.X but coming on
on
the VPN the boxes are 192.168.2.x with client systems getting assigned IPs in the range 192.168.1.50-60 by the Poptop server.
I had been getting Samba read errors(436), but I seem to have gotten away
from those by resetting the services file of the Redhat on port 139 from
netbios to smbd.
Any ideas of where to jump from here?? (besides a tall building or short bridge?)
TYIA
Mark Huff --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.752 / Virus Database: 503 - Release Date: 3/09/2004
--- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.752 / Virus Database: 503 - Release Date: 3/09/2004
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.752 / Virus Database: 503 - Release Date: 3/09/2004
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
