Author Topic: OpenVPN + Samba + 2 NICs (Read 2336 times)

james · « **on:** August 08, 2008, 04:32:33 pm »

Hi,

My eBox set up:
- internal and external NICs
- Samba configured as a PDC
- OpenVPN that currently connects from offsite and both subnets are pingable

However, the problem is
the off site computer doesn't see the Samba PDC or the shares.

Do i need to add a Firewall rule to make it work??

Thanks

almost forgot: eBox Version 0.11.101

james · « **Reply #1 on:** August 11, 2008, 05:48:12 pm »

SOLVED:
i figured out why i couldn't connect to samba.

i needed to manually set the WINS server address on the tap adapter created buy the openvpn gui for windows.

New VPN Problem:
however, now I am running into the issue that everyone that connects to the vpn is assigned the SAME IP address (10.10.1.2)...

please help.

javi · « **Reply #2 on:** August 11, 2008, 07:32:40 pm »

Hi james,

Go to your openVPN server configuration and check the netmask you are using on the VPN Addrees

james · « **Reply #3 on:** August 11, 2008, 07:47:40 pm »

my netmask is 255.255.255.0

also while trying to troubleshoot, i have changed the IP range from 10.10.1.0 to 10.10.6.0 and then connected with the client again and the IP assigned to the client changes from 10.10.1.2 to 10.10.6.2

so i at least know that is working.

james · « **Reply #4 on:** August 12, 2008, 03:59:59 pm »

Do i need to give each client their own client certificate?

sixstone · « **Reply #5 on:** August 12, 2008, 05:21:22 pm »

In order to improve your security in the network avoiding spoofing, the answer is yes.

james · « **Reply #6 on:** August 12, 2008, 05:24:20 pm »

alright, i keep solving my own problems.
but i always have another problem.

i tried using different certificates for each user and it worked!
but not at first.
i had to disable "Client authorization by common name:".

is there any way i configure this multiple-user VPN without having to disable security options??

sixstone · « **Reply #7 on:** August 12, 2008, 06:29:26 pm »

"Client authorization by common name" is used if you want to let some users from your CA get into the VPN server but others do not. If you just don't care, disable it is not a bad option since only your signed certificates will get into the VPN.

Best regards,

james · « **Reply #8 on:** August 12, 2008, 08:52:34 pm »

ahhh thank you thank you.

I'm sorry for my lack of knowledge about the subject,
but the reason i chose eBox was so that i wouldn't have to delve into the details.

thank you for your help!

everything is working smoothly thanks to you guys!

sixstone · « **Reply #9 on:** August 12, 2008, 11:04:19 pm »

No problem at all. Your feedback is one of the most valuable things to improve eBox together.

We try with eBox give the default options to follow our principles: ease the user's experience and be secure by default.

Great to hear that!

Cookies usage

Author Topic: OpenVPN + Samba + 2 NICs (Read 2336 times)

james

OpenVPN + Samba + 2 NICs

james

Re: OpenVPN + Samba + 2 NICs

javi

Re: OpenVPN + Samba + 2 NICs

james

Re: OpenVPN + Samba + 2 NICs

james

Re: OpenVPN + Samba + 2 NICs

sixstone

Re: OpenVPN + Samba + 2 NICs

james

Re: OpenVPN + Samba + 2 NICs

sixstone

Re: OpenVPN + Samba + 2 NICs

james

Re: OpenVPN + Samba + 2 NICs

sixstone

Re: OpenVPN + Samba + 2 NICs