Re: Samba on a router; doesn't work for outer network.
On Monday 03 January 2005 07:12 am, Rob wrote: Hi, I have tried to configure Samba on a FreeBSD (5.3) router NAT. I want to have a single accessible directory with a password, that can be accessed from the inner network (10.0.0.X) as well as from the outer network (outer network = Windows PCs that use the same external router as the FreeBSD PC). It works for the inner network, but not for the outer network (see below for network scheme). All Windows PCs are XP. For testing this, I use an 'open' firewall. I should tighten the firewall as soon as this is working. The /usr/local/etc/smb.conf (configured with swat) is as follows: # smb.conf -- [global] workgroup = CISR netbios name = SURFACE server string = FreeBSD Samba Server passdb backend = tdbsam log file = /var/log/samba/log.%m max log size = 50 dns proxy = No ldap ssl = no [share] comment = Shared stuff path = /home/share invalid users = @wheel valid users = share read only = No force create mode = 0700 force security mode = 0700 #- The network scheme is as follows: |IP on outer network | |-| | FreeBSD | || | Router | | Switch | |-| |||10.0.0.1 | | | | | | | | \--/ | | | | | 10.0.0.2 | | | 10.0.0.3 | 10.0.0.4 What could be blocking Samba on the outer network? What communication is essential for Samba to work on the outer network? What tests can I do on the router to find out what's going wrong? Thanks so much, Rob. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I belive you'll have to add the interfaces option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...). I think you will have to use the advanced option in swat to be able to define this. Swat will also have more details on this option in the help. In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help on the option will give you more details. -- - James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba on a router; doesn't work for outer network.
James Jhai wrote: On Monday 03 January 2005 07:12 am, Rob wrote: Hi, I have tried to configure Samba on a FreeBSD (5.3) router NAT. I want to have a single accessible directory with a password, that can be accessed from the inner network (10.0.0.X) as well as from the outer network (outer network = Windows PCs that use the same external router as the FreeBSD PC). It works for the inner network, but not for the outer network (see below for network scheme). All Windows PCs are XP. For testing this, I use an 'open' firewall. I should tighten the firewall as soon as this is working. The /usr/local/etc/smb.conf (configured with swat) is as follows: # smb.conf -- [global] workgroup = CISR netbios name = SURFACE server string = FreeBSD Samba Server passdb backend = tdbsam log file = /var/log/samba/log.%m max log size = 50 dns proxy = No ldap ssl = no [share] comment = Shared stuff path = /home/share invalid users = @wheel valid users = share read only = No force create mode = 0700 force security mode = 0700 #- I belive you'll have to add the interfaces option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...). In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help on the option will give you more details. Thanks. I have added following lines in the [global] section of smb.conf: interfaces = fxp0, rl0, lo0 bind interfaces only = Yes hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1 hosts deny = ALL Is that what you are talking about? rl0 interface is connected to the 10.0.0.0/24 inner-network and fxp0 is connected to the outer-network with gateway 123.45.67.1. (I use real IP addresses instead of 123.45.67.89, of course). Rob. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba on a router; doesn't work for outer network.
On Monday 03 January 2005 08:45 am, Rob wrote: James Jhai wrote: On Monday 03 January 2005 07:12 am, Rob wrote: Hi, I have tried to configure Samba on a FreeBSD (5.3) router NAT. I want to have a single accessible directory with a password, that can be accessed from the inner network (10.0.0.X) as well as from the outer network (outer network = Windows PCs that use the same external router as the FreeBSD PC). It works for the inner network, but not for the outer network (see below for network scheme). All Windows PCs are XP. For testing this, I use an 'open' firewall. I should tighten the firewall as soon as this is working. The /usr/local/etc/smb.conf (configured with swat) is as follows: # smb.conf -- [global] workgroup = CISR netbios name = SURFACE server string = FreeBSD Samba Server passdb backend = tdbsam log file = /var/log/samba/log.%m max log size = 50 dns proxy = No ldap ssl = no [share] comment = Shared stuff path = /home/share invalid users = @wheel valid users = share read only = No force create mode = 0700 force security mode = 0700 #- I belive you'll have to add the interfaces option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...). In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help on the option will give you more details. Thanks. I have added following lines in the [global] section of smb.conf: interfaces = fxp0, rl0, lo0 bind interfaces only = Yes hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1 hosts deny = ALL Is that what you are talking about? rl0 interface is connected to the 10.0.0.0/24 inner-network and fxp0 is connected to the outer-network with gateway 123.45.67.1. (I use real IP addresses instead of 123.45.67.89, of course). Rob. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Yes thats what I was talking about. Did that fix the problem? -- - James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba on a router; doesn't work for outer network.
James Jhai wrote: On Monday 03 January 2005 08:45 am, Rob wrote: James Jhai wrote: On Monday 03 January 2005 07:12 am, Rob wrote: Hi, I have tried to configure Samba on a FreeBSD (5.3) router NAT. I want to have a single accessible directory with a password, that can be accessed from the inner network (10.0.0.X) as well as from the outer network (outer network = Windows PCs that use the same external router as the FreeBSD PC). It works for the inner network, but not for the outer network (see below for network scheme). All Windows PCs are XP. For testing this, I use an 'open' firewall. I should tighten the firewall as soon as this is working. The /usr/local/etc/smb.conf (configured with swat) is as follows: # smb.conf -- [global] workgroup = CISR netbios name = SURFACE server string = FreeBSD Samba Server passdb backend = tdbsam log file = /var/log/samba/log.%m max log size = 50 dns proxy = No ldap ssl = no [share] comment = Shared stuff path = /home/share invalid users = @wheel valid users = share read only = No force create mode = 0700 force security mode = 0700 #- I belive you'll have to add the interfaces option and define all the interfaces that you want samba to use. You can use IP's or the interface names (rl0, wi0, ndis0, ed0, etc...). In addition to setting firewall rules up, samba also has a deny/allow section, again the swat help on the option will give you more details. Thanks. I have added following lines in the [global] section of smb.conf: interfaces = fxp0, rl0, lo0 bind interfaces only = Yes hosts allow = 123.45.67.89/28, 10.0.0.0/24, 127.0.0.1 hosts deny = ALL Is that what you are talking about? rl0 interface is connected to the 10.0.0.0/24 inner-network and fxp0 is connected to the outer-network with gateway 123.45.67.1. (I use real IP addresses instead of 123.45.67.89, of course). Yes thats what I was talking about. Did that fix the problem? No, it didn't. I'm now teaching the Windows guys how to use sFtp to connect to the router; probably the most secure way of communication, I guess. In that case I will abandon samba altogether. Thanks for your help. Rob. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba on a router; doesn't work for outer network.
Wish that my advice fixed it for you. Sounds like you found a better solution though. -- - James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
