|
|
My two cents, René Pedersen disse: > Hi again, > > Thankyou for the quick respons. > > I have tried to restart my samba server after I have established the > tunnel. > But still I cannot connect to my samba server through 10.3.0.1 over the > internet. > > I also tried to add the entry "interfaces = tap0 eth0" to the smb.conf. Ouch, this parameter uses the ip number of the interface with it's netmask appended, as: interfaces = 192.168.0.0/24 10.0.0.0/16 and so on... It's evident that hosts allow must permit the connection to the remote LAN segment also (the local is a must-have). You better fix this and fire "testparm" to double-check your smb.conf. If it doesn't goes as expected, increase the debug level for your samba daemon and send the result to the "samba+OpenVPN" debug team! (we do it all the time, and again and again...) HTH, RSalles > > This is my smb.conf file: > > [global] > log file = /var/log/samba/log.%m > load printers = no > lock directory = /var/lock/samba > share modes = yes > workgroup = NYT-SKAB > invalid users = root > security = user > encrypt passwords = yes > smb passwd file = /etc/samba/smbpasswd > server string = NYT SKAB server > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > dns proxy = no > > [standard] > comment = disk 1 > path = /mnt/disk1/standard > read only = no > max connections = 5 > create mode = 0750 > > Any suggestions??? > > Regards > > René > > > -----Oprindelig meddelelse----- > Fra: John Locke [mailto:mail@xxxxxxxxxxxx] > Sendt: 2. april 2004 16:48 > Til: René_Pedersen > Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > Emne: Re: [Openvpn-users] howto change gateway??? > > > Hi, Rene, > > On Fri, 2004-04-02 at 02:43, René_Pedersen wrote: >> Hi, >> >> I have succesfully set up a tunnel between my windoze xp and my linux > samba >> server with openvpn. >> > Good! > >> --- >> >> Now I want to connect to my samba server from my windoze, but as the >> configuration is now I cannot do that. >> >> I think my problem is that openvpn makes the following route entry on >> the >> linux box: >> >> NETWORK GATEWAY NETMASK ... Iface >> 10.3.0.1 0.0.0.0 255.255.255.0 tap0 >> >> where my default gateway i 192.168.2.1 >> >> The solution in my view is to change the GATEWAY in the "OpenVPN route >> entry" to 192.168.2.37 >> > No, that's not correct. If you change the gateway for this network, your > traffic will go outside the tunnel to your default gateway, and get > dropped. > > Because your Samba server is at the other end of the tunnel, you should > be able to connect just fine through the tunnel, using the 10.3.0.1 > address. > > The problem is most likely that Samba isn't listening on that address. > Check your Samba configuration to make sure it's listening on all > interfaces, and then restart Samba--if Samba is started before the Tap > device is up, it won't ever listen to traffic coming through the tunnel. > >> How do I do that???? >> >> Is there a better solution???? > > If all you're trying to connect is these two boxes, your configuration > should be fine. > > However, if you want to connect to other machines on the LAN beyond > either VPN gateway, you're going to have routing trouble because both > networks use the same subnet. Depending on how you're set up, you might > be able to subnet the 192.168.1.* network further (for example, the > Linux box is at .37, and your Windows box is at .75. You could create > your office subnet to only have computers between 192.168.1.33 and > 192.168.1.62, while the other side has computers between 192.168.1.65 > and 192.168.1.94, and use a subnet masks for both of 255.255.255.224), > but much easier would be to move one of the networks to an entirely > different address range (say 192.168.17.x). > > Cheers, > -- > John Locke > Open Source solutions for small business problems > http://freelock.com > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: IBM Linux Tutorials > Free Linux tutorial presented by Daniel Robbins, President and CEO of > GenToo technologies. Learn everything from fundamentals to system > administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- "A well-written program is its own heaven; a poorly-written program is its own hell." TAO of Programming - Book 4 ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |