[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] Map network drives

Subject: Re: [Openvpn-users] Map network drives
From: Terry Dooher <tdooher.lists@xxxxxxxxxxxxxxxxx>
Date: Thu, 04 Nov 2004 11:31:13 +0000

Emmanuel Polet wrote:

Well, I actually allready add these rules set :) However, I have added this other rule : "-A RH-Firewall-1-INPUT -i tun+ -j ACCEPT" in the "ipchains" file, and now it works !! I can map network drives and everything ! This is all due to this weird syntax in Fedora iptables conf file...

I haven't seen the Fedora iptables scripts, though this looks like a similar sort of catch-all rule to the ones I gave you. If, for any reason, you need to block specific traffic over the VPN, you need to add -j DENY rules for those ports _above_ this rule in the same chain.

Anyway. I have however one problem left : I have 3 servers on my LAN, one WinNT, one Win2000 and a samba (on RedHat 8.0). My LAN is managed by a domain controller, ie the WinNT box. The 2000 is in stand alone mode ; I can map drives on the samba and NT, but 2000 simply replies my password is wrong (while it is not ;))... It obviously a problem of rights. However I cannot install active directory on my 2000 as it wounldn't integrate in my NT domain (or would it ?). Does anyone would know any workaround ?

I think what is happening here is that your VPN client PC is trying to authenticate itself with the 2000 box using domain credentials already supplied to the domain controller. If the 2000 box isn't part of the domain, these will be refused.

If you're prompted for a username and password when you attempt to access a share, try the username of the form:

<name of 2000 machine>\<username>

...using the credentials from a local user account, such as local administrator. (Note: it'll refuse login anyway if the account you're trying to use has a blank password)

The other option is to add the 2000 box to the NT domain. You shouldn't need any active directory stuff for this. 2k/XP pcs can easily be members of NT4 domain controllers.

Terry

Thanks again everyone for your great help !!

Emmanuel


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Follow-Ups:
- Re: [Openvpn-users] Map network drives
  - From: Emmanuel Polet

References:
- FW: FW: [Openvpn-users] Map network drives
  - From: Conor Rafferty
- Re: FW: FW: [Openvpn-users] Map network drives
  - From: Leonard Isham
- Re: FW: FW: [Openvpn-users] Map network drives
  - From: Emmanuel Polet
- Re: [Openvpn-users] Map network drives
  - From: Matteo Lunardi
- Re: [Openvpn-users] Map network drives
  - From: Emmanuel Polet
- Re: [Openvpn-users] Map network drives
  - From: Terry Dooher
- Re: [Openvpn-users] Map network drives
  - From: Emmanuel Polet

Prev by Date: Re: [Openvpn-users] PIX Radius Auth
Next by Date: [Openvpn-users] Running openvpn with non-admin privileges
Previous by thread: Re: [Openvpn-users] Map network drives
Next by thread: Re: [Openvpn-users] Map network drives
Index(es):
- Date
- Thread