Unable to access samba shares through VPN

NethServer 7.7.1908
samba, openvpn

Bonjour,
Apres un certain temps de recherche, je n’est pas trouvé de réponse a ma question.
Mon serveur samba sous AD semble refuser les connections aux dossiers partagé au travers d’un vpn openvpn.
j’ai mis le reseau (10.10.10.0 masque 255.255.255.0) dans les réseaux de confiance.
Que puis je faire d’autre ?
Merci d’avance

Mi spiace, non conosco il francese. Riesci a riscriverlo in inglese?

NethServer 7.7.1908
samba, openvpn
ok i will try with google translate. I do not have access to samba (AD) shared folders when I am in vpn (openvpn).
I tried to put the 10.10.10.0 network in a trusted network. nothing changes.
Thank you

Which error do you receive? Did you scrubbed the log looking for messages?

Message : connection refused

Samba log [2020/10/29 11:56:53.921907, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<20> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 11:56:53.921993, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 11:56:54.024839, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 11:56:54.024938, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.774755, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name AMERICAN<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.774857, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.792716, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<20> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.792795, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2020/10/29 12:04:53.810311, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 12:04:53.810390, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server

According to the log, Firewall seems innocent into this rush.
Unless there could be specific (so added by the admin) firewall rules, including NATs, that may cause an issue…

hello, I just put the port of openvpn 1192 back on my router firewall. It didn’t change anything.

Here is the log of nmpd:
[2020/10/29 13:23:32.677724, 0] …/source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name INFO2G<00> from IP 10.10.10.6 on subnet UNICAST_SUBNET.
[2020/10/29 13:23:32.677778, 0] …/source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server

Hello,
looks like a missing parameter,
did you try to setup the options in server manager? menu gateway->openvpn roadwarrior->menu advanced, fill the wins and dns sections with correct parameters.
Let me know if it works
BB

of which parameter?
my server has like ip 192.168.1.5. do i have to put the same in the WINS dhcp server?

If you’re using Samba DC you should put as WINS server the container’s IP, not the server IP.

what do you mean by “container ip”

If you’re not using LDAP as account provider, you have 2 IP Addresses in your server.
The first is the actual ip, the one you set into network configuration (Green interface)
The second is the ip of the container, who’s the “effective” account provider of the server, used via LDAP from NethServer.
https://docs.nethserver.org/en/v7/accounts.html#samba-active-directory-local-provider-installation
which firewall may not be so much “permissive” to VPN subnet.

Container is called NSDC into this forum.


Maybe this topic could help you.

where are your
AD server
dhcp server
dns server
wins server?
are you looking for samba shares with name or with IP address?

sorry for the delay in response, I was on the move.
For my server IP address is 192.168.1.5
my AD 192.168.1.4
My DHCP server 192.168.1.210
DNS server: 127.0.0.1 and 217.237.150.188 (FAI)
Wins ?

I access my shared files by the IP address: \\192.168.1.5\
Login: user@domain.local

the user must be: DOMAIN\user

Then the password.

I have already tried it but the result is the same.

Other than samba shares access problem, vpn connection works as expected?