Migration NS7 and vpn samba share

NethSecurity
,
1

Hello,
I have migrated a Nethserver 7 (Firewall+File server) to Nethsec 8.
Just leaved NS7 as file server.
Migration went fine. All works except NS7 samba share over openvpn roadwarrior.
Before was 192.168.100.1 (Ns7 - firewall+file server) + 100.2 (samba ad)
Now Is 192.168.100.1 (Nethsec) + 100.2 (samba ad) + 100.3 (Ns7 file server)
DNS records works because on local LAN all computers can access all samba shares.
When i connect with openvpn, no more login is allowed.
Any suggestion?
Thank you.

2

I guess the VPN connection doesn’t use the NS7 (100.3) as DNS server.
You could set a custom DNS for OpenVPN in NethSecurity, see also OpenVPN Road Warrior — NethSecurity documentation

grafik
grafik1094×2099 124 KB

EDIT:

Did you add the OpenVPN network to the trusted networks on NS7?
See also Base system — NethServer 7 Final

1 Like
3

I’ve already set:
/ad.domain.org/192.168.100.2 (ad samba)
on Nethsec.
This Is openvpn (migrated setup)

IMG_20250119_075133
IMG_20250119_0751331064×2137 231 KB

4

Hi @sarz4fun

Setting WINS?

You are aware that current Windows Systems (Win10 and Win11) both do NOT use WINS, even if set? You must also install samba1 so that WINS is used.

And both are no more advised, since several years now - security issues!

In other words, remove it from the DHCP and VPN setup.

My 2 cents
Andy

5

Hello, it was from migrated setup!
I removed all, but did not resolved the issues.

6

I did not say removing it would solve your issues.
But doing so will not worsen your issue either, but WILL improve any Windows Network Security!

My 2 cents
Andy

7

Which error do you get?

Did you check if it works to connect from a client via name or IP like:

\\dc1\share

\\192.168.100.3\share

Can you ping/nslookup the DC or the file server via OpenVPN from the client?
You could check if the Samba AD DNS works correctly, see also Setting up Samba as an Active Directory Domain Controller - SambaWiki

Please also check the logs for relevant errors.

It seems you’re using OpenVPN IPs (10.) here.
Please try just using the DNS option pointing to 192.168.100.2.

Did you check that? Maybe the OpenVPN network is not a trusted one (anymore).

8

It was trusted Networks on NS7!
Thank you. I’ve forgot on migration.

1 Like