I have Nethserver on 2 site such as: NS1 and NS2 with IPWAN on other site.
I configured VPN site to site using IPSec and It’s working. But, when I try to browsing any folder from NS1 to NS2 (access to share folder from File-server), It’s time out and display error.
I done some step as below:
- I can ping any server from 2 site together.
- Check on " Traffic between OpenVPN roadwarrior, OpenVPN tunnels and IPSec tunnels" from Firewall setting on 2 site.
- Create CIDR and Rule to allow traffic for all vlan on 2 site.
Please help me find out reason why?
And welcome to the NethServer community…
Maybe you just forgot to add in the IPs of the “other” site in the NethServers “Trusted Networks” list. If a host is not on that list, it can’t access any shares…
Just add in the network or the other side into Trusted Networks, eg:
Comment: Name of other site or place…
My 2 cents
It added into “Trusted Networks” list before.
Are you using LDAP or AD?
With AD, you probably can’t “browse”, what does work is eg using Windows Explorer to “map” a Network drive. Browsing may work in Win10 if SMB1 is installed…
You must use AD authentification from the “other” side.
if you are connecting from DOMAIN-1…
My 2 cents
And AFAIK there’s no “federation/forest” concept among NSDC/Domains. Or multi-subnet deployed environment.
@Andy_Wismer SMBv1 is not-so-good advice and you know it
That’s why I suggest to Map a drive, not to browse…
Yes, I want to map a network drive on site2 from site1. I tried to install smb1 on PC site1 and access file-server(Ubuntu server) on site2 but It’s not work. Something wrong?
I have 2 DC such as: DC1, NS1 on site1 and DC2, NS2 on site2.
More input needed.
How did you introduce yourself? (username…)
I’m Cong from VietNam. Our Company have new site so I need to configure VPN Site to Site. Because, we need to share document from HQ to new Site.
Can you give me some advise.
I’m sorry I made not myself understand.
If you’re trying from DC1 user to connect to DC2 share, you should use a DC2 user for connect, because DC2 don’t know “who is” DC1 user.
So as login should be used DC2\DC2User…
I’m try to connect to DC2 (with User/Pass Admin Domain) but I can’t mapping network drive as below picture.
On your screenshot, behind the formost window, but still visible, is the Option:
“Connect using different credentials”
If you don’t use that, you have no chance to connect, as your current credentials from DC1 are unknown on the other side.
The correct form is as shown.
Replace DC2 shown here with the domain name on DC2. Use a valid user/password, or the admin user / password (for DC2!).
→ NethServer’s AD does NOT support any Domain Trusts !!!
My 2 cents
I try to check on it and type user/password of Admin Domain DC2 but still not working.
Still not working, same error
IP DC2: 192.168.x.x
IP DC1: 172.16.x.x
Because I’m new user. So I can’t upload more images.
From 172.16.x.x subnet can you ping 192.168.x.x subnet NSDC Ip address?
Yes, I can ping any host on 192.168.x.x subnet. I want to share more picture as below.
I think some rule isn’t correctly. When I try to change some rules as below, I can access some share folder with small file, folder size. With large file or folder size, I still not access.
Btw, I see the VPN traffic show: 0 Byte Sent, 0 byte Receive on yesterday. it show up today.
This is typically a symptom of wrong MTU set on some Network Interface (NIC). On LAN connections, 1500 is the correct value. Using DSL the value is usually lower, eg 1492 is a common value, but best ask your Provider (On both sides!).
What kiind of Internet do you have? (DSL, Cable, Fiber)
(Please for both sites…)
My 2 cents
I checked on speedguide.net/analyser.php and MTU is difference on 2 sites.
MTU on site1: 1438
MTU on site2: 1492
MTU on LAN: 1500.
I’m using Fiber Cable on 2 site. What should I do for the next step?