Hello all,
I've already setup Open VPN on bubbatwo, and now de second proces is to setup samba so it can be accessed by OpenVPN.
This is the how to:
Connecting to a Samba share over OpenVPN
This example is intended show how OpenVPN clients can connect to a Samba share over a routed dev tun tunnel. If you are ethernet bridging (dev tap), you probably don't need to follow these instructions, as OpenVPN clients should see server-side machines in their network neighborhood.
For this example, we will assume that:
* the server-side LAN uses a subnet of 10.66.0.0/24,
* the VPN IP address pool uses 10.8.0.0/24 (as cited in the server directive in the OpenVPN server configuration file),
* the Samba server has an IP address of 10.66.0.4, and
* the Samba server has already been configured and is reachable from the local LAN.
If the Samba and OpenVPN servers are running on different machines, make sure you've followed the section on expanding the scope of the VPN to include additional machines.
Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:
hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1
If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:
interfaces = 10.66.0.0/24 10.8.0.0/24
If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:
\\10.8.0.1\\sharename
If the Samba and OpenVPN servers are on different machines, use folder name:
\\10.66.0.4\sharename
For example, from a command prompt window:
net use z: \\10.66.0.4\sharename /USER:myusername
1. please can you tell me if i have to put here "* the server-side LAN uses a subnet of 10.66.0.0/24" the Lan Ip of bubbatwo on my home network or from the enternet?
by from the internet i mean the Ip used to connect to bubba from the outside like example my webpage.
2. How can i find out what the ip adres is of samba on my bubbatwo? "* the Samba server has an IP address of 10.66.0.4,"
3. "hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1" the 127.0.0.1 what ip is that and where can i find it?
4. and i just have to add these lines to smb.conf right ofcourse with the right ip's :
hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1
interfaces = 10.66.0.0/24 10.8.0.0/24
and then i will be able to access my folders from bubbatwo over vpn?
I'm sorry if i ask so many questions. all help is welcome.
I really want to setup samba over the vpn, so that i can access my shares, vpn works but it shows no folders since samba is not configurated for vpn.
Thanks a lot!
Rewien
Please note the new address for this forum : forum.excito.org. The old address redirects here but I don't know for how long. Thanks !
New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !
Need help setting up samba on vpn
Did you try this step?
I solved the problem by adding the tun0 interface to my "interfaces" line in the smb.conf and as I remember ( have no access to my bubba at the moment ) the line below this "interfaces" had to be commented out to allow samba to broadcast on the tun0 interface, because it is a temporary interface. If you can't find the option I could have a look later.
BR.
Ton.
this is my SMB.conf I highlighted the changes i made and it works for me (without all the interfaces steps you quoted)
[global]
workgroup = kempensebaan
server string = %h Miniserver
dns proxy = no
log file = /var/log/samba/log.all
max log size = 1000
syslog = 0
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
guest account = nobody
invalid users = root
map to guest = Bad User
syslog = 0
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
guest account = nobody
invalid users = root
map to guest = Bad User
socket options = TCP_NODELAY
preferred master = yes
load printers = no
printcap name = cups
printing = cups
show add printer wizard = no
disable spoolss = Yes
interfaces = eth1 tun0
socket options = TCP_NODELAY
preferred master = yes
load printers = no
printcap name = cups
printing = cups
show add printer wizard = no
disable spoolss = Yes
interfaces = eth1 tun0
# bind interfaces only = yes
#======================= Share Definitions =======================
[home]
comment = Home Directories
path = /home
browseable = yes
writable = yes
create mask = 0764
directory mask = 0775
public = no
guest ok = no
hide dotfiles = yes
user = @users
[storage]
comment = Common storage
writable = yes
guest ok = yes
public = yes
force group = users
force create mode= 0777
force directory mode = 0777
path = /home/storage
#[printers]
# comment = Attached printers
# path = /var/spool/samba
# browseable = no
# guest ok = yes
# printable = yes
# use client driver = yes
Binkem wrote:this is my SMB.conf I highlighted the changes i made and it works for me (without all the interfaces steps you quoted)
[global]
workgroup = kempensebaan
server string = %h Miniserver
dns proxy = no
log file = /var/log/samba/log.all
max log size = 1000
syslog = 0
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
guest account = nobody
invalid users = root
map to guest = Bad User
syslog = 0
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
guest account = nobody
invalid users = root
map to guest = Bad User
socket options = TCP_NODELAY
preferred master = yes
load printers = no
printcap name = cups
printing = cups
show add printer wizard = no
disable spoolss = Yes
interfaces = eth1 tun0
socket options = TCP_NODELAY
preferred master = yes
load printers = no
printcap name = cups
printing = cups
show add printer wizard = no
disable spoolss = Yes
interfaces = eth1 tun0
# bind interfaces only = yes
#======================= Share Definitions =======================
[home]
comment = Home Directories
path = /home
browseable = yes
writable = yes
create mask = 0764
directory mask = 0775
public = no
guest ok = no
hide dotfiles = yes
user = @users
[storage]
comment = Common storage
writable = yes
guest ok = yes
public = yes
force group = users
force create mode= 0777
force directory mode = 0777
path = /home/storage
#[printers]
# comment = Attached printers
# path = /var/spool/samba
# browseable = no
# guest ok = yes
# printable = yes
# use client driver = yes
Thank you very much Binkem!
it works
That line can make such a difference.
Rewien