Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

VPN Setup

VPN Setup

VPN Setup

Hi, I'm trying to create a VPN between DGFV338 and a client with Netgear VPN software.
I have followed the steps of the KB and the VPN connection come up correctly (with a simple PSK); if I try to connect with HTTP or POP3 to (web server) all works fine but there are some problems

    * no access to SAMBA server (same server of web and mail)
    * usage of SMTP server is blocked like the request comes from outside of the LAN (because the relay is allowed on Postfix only for the clients on LAN)

I thought that a VPN creates a tunnel and all the requests form the VPN's client are processed like requests of LAN's clients...
For example ip-address.com shows the WAN's IP of my home router not the WAN's IP of VPN's router; I thought that the packets flows first to VPN's router and not directly to Internet.
Sorry for my English and thanks for help.  

RE: VPN Setup

The type of VPN you will need is a site to site.  This done but two routers but the LAN IP at each needs to be different.

RE: VPN Setup

Mmm ok, and what can I do with this VPN?

RE: VPN Setup

I run OpenVPN and found samba over the VPN to be tricky with it.  There seems to be some nuances about how name resolution works and the use of wins lmhosts, etc.  The problems may be the same or similar as your experiencing, i.e. samba and how it works over a virtual tunnel.  

What I did find was that Windows seems to have an easier time connecting than Linux.  Since you mention Samba, I am making the assumption your running Linux.  In order to get Linux to connect to the samba shares, I had to specifically tell it to make a connection and mount the share, I had to tell it connect to a windows share from my browser window.  I could see the mapped drive, but trying to access it would cause problems.

The other thing I have been finding is that you can run into problems with the routing and firewalls, especially on the Linux end.  This is especially true when trying to access a resource that is on the LAN.  A common solution is to use IPtables to perform masquerading which I have come to understand means that it translates the public IP addresses in the packets to the local IP addresses so that resources recognize and resolve them.

The third thing it sounds like you could be running into, with IP addresses showing up as public versus private could be a DNS resolution issue and or a routing table issue.  VPNs can be set up to either route all traffic through the tunnel or traffic for the other end of the VPN, which can be more efficient.  Your routing table should give you a clue as to what direction traffic is trying to go.


RE: VPN Setup

Sorry for mistake: Linux is running on the remote server (web, mail, samba, etc) but on my client I have WinXP.
You have told about DNS resolution and routing issues but if I directly use the IP address to connect at the web server (with a browser) or POP server (with a mail client) all works fine... This means that the routing is correctly, right?

RE: VPN Setup

Let me start by trying to summarize the situation so that things are clear:

1 - You are running a linux server that has samba on it.  It is also a mail server and web server.
2 - you can connect to the server via a regular browser and email client using the public IP address.  This tells us that the server applications are running properly.
3 - You have created a VPN connection and can access the web pages via a local IP address and you can access the POP server (assume courier or dovecot).
4 - Samba Shares are not working
5 - SMTP authentication is not working.

This really sounds like a permissions problem with information being lost when attempting to connect through the VPN.  Specifically, I think what is happening is that the domain information through the VPN is either getting dropped or mangled and this is causing authentication issues with your Samba and Postfix servers.  Are there any error messages in the logs that arise as a consequence of your attempt to connect?  Some specific information regarding the errors would be helpful here.

How do you try to connect to connect to the samba and SMTP servers when you are going through the VPN.  How do you have the permissions set up?  For postfix do you have it setup as "my networks" with a non public address range or do you use SASL authentication?  Do you have something similar on Samba?


Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close