Bonjour,
Apres un certain temps de recherche, je n’est pas trouvé de réponse a ma question.
Mon serveur samba sous AD semble refuser les connections aux dossiers partagé au travers d’un vpn openvpn.
j’ai mis le reseau (10.10.10.0 masque 255.255.255.0) dans les réseaux de confiance.
Que puis je faire d’autre ?
Merci d’avance
NethServer 7.7.1908
samba, openvpn
ok i will try with google translate. I do not have access to samba (AD) shared folders when I am in vpn (openvpn).
I tried to put the 10.10.10.0 network in a trusted network. nothing changes.
Thank you
Samba log [2020/10/29 11:56:53.921907, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<20> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 11:56:53.921993, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 11:56:54.024839, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 11:56:54.024938, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.774755, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name AMERICAN<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.774857, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.792716, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<20> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.792795, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.810311, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.810390, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
According to the log, Firewall seems innocent into this rush.
Unless there could be specific (so added by the admin) firewall rules, including NATs, that may cause an issue…
hello, I just put the port of openvpn 1192 back on my router firewall. It didn’t change anything.
Here is the log of nmpd:
[2020/10/29 13:23:32.677724, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 13:23:32.677778, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
Hello,
looks like a missing parameter,
did you try to setup the options in server manager? menu gateway->openvpn roadwarrior->menu advanced, fill the wins and dns sections with correct parameters.
Let me know if it works
BB
If you’re not using LDAP as account provider, you have 2 IP Addresses in your server.
The first is the actual ip, the one you set into network configuration (Green interface)
The second is the ip of the container, who’s the “effective” account provider of the server, used via LDAP from NethServer. https://docs.nethserver.org/en/v7/accounts.html#samba-active-directory-local-provider-installation
which firewall may not be so much “permissive” to VPN subnet.
sorry for the delay in response, I was on the move.
For my server IP address is 192.168.1.5
my AD 192.168.1.4
My DHCP server 192.168.1.210
DNS server: 127.0.0.1 and 217.237.150.188 (FAI)
Wins ?
I access my shared files by the IP address: \\192.168.1.5\
Login: user@domain.local
Sorry to return to the subject.
My problem is still not resolved.
I can access the samba files which are opened as a guest.
The others don’t.
My ip server is 192.168.1.5
it is not configured as a gateway.
My ad server is 192.168.1.4
my vpn ip is 10.10.10.2 when I am connected
My gateway 192.168.1.210 (router cisco)
I’m lost.
You will need a route on your Cisco for the 10.10.10.0/24 network, pointing to the NethServer providing OpenVPN…
Reason:
Example, you VPN in, and try to access eg your AD.
The AD will send the packets back - but to the Cisco, as that’s your default gateway.
Those get thrown away, as they’re not allowed on the Internet.
You can also add a route on all your other servers, like the AD, but it’s easier doing it once, on your Cisco Firewall!