Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 27 Mar 2002 12:24:34 +0100
From:      "Karl M. Joch" <k.joch@kmjeuro.com>
To:        stable@freebsd.org
Subject:   FreeBSD4.5->IPSEC<-FreeBSD 4.5 Samba 2.2.3a Subnet Browsing.
Message-ID:  <3CA1ABF2.5000908@kmjeuro.com>
index | next in thread | raw e-mail 

Hi,

i have a main net with a samba 2.2.3.a server and a subnet which is 
connected via ipsec to the main net.

|FBSD 4.5 Firewall|----------ipsec--------|FBSD.4.5 Firewall|
         |                                           |
         |                                           |
         |                                           |
---- main net 192.168.M.x ------            ------ subnet 192.168.S.x---
   |                                           |
   |                                           |
   |                                           |
|FBSD4.5/Samba2.2.3a/WorkGroup MAIN|        |FBSD4.5/Samba 2.2.3a|
                                             |WORKGROUP: SUBNET   |


everythink works great in the local subnets. furthermore access from 
M->S and S->M is working fine. but there is need that the MAIN net sees 
the workstations and the servers in the SUBNET. the SUBNET should not 
see the MAIN PCs in the browsing list. both samba servers are domain 
master, local master and wins server. ods level is at 65 to make sure 
they are the local masters. no Win server included. i set the debug 
level to 3 to see whats going on. the main server has the remote browse 
sync set to 192.168.S.255 (tried with the wins servers ip too). the 
subnet server has the entry remote announce = 192.168.M.x (also tried 
with the wins servers ip too).

within 5 hours there is nothing in the browse list of the MAIN net, 
furthermore there is not one entry in the log files that MAIN tries to 
collect the SUBNETS browselist and not even an entry in the SUBNETS 
nmbd.log which says that the subnets server tries to announce the 
subnets workgroup to the main net.

i searched the archives and rechecked everything:

- valid guest account
- firewall rules for tcp/udp 137,138,139
- smb.conf parameters


it is not possible to use one of the samba servers as main wins server, 
because then the subnet would see the main net in the browse list too. 
furthermore when the line would be cutted in case of technical errors 
then the subnet would loos the wins server. this istallation will get 
additional 5 subnets where different combinations of seeing/not seeing 
subnets are neccecary. so i have to go with remote announce/remote 
browse sync.


any clue what i miss?

many thanks.

--
-- 
Best regards / Mit freundlichen Gruessen,

Karl M. Joch


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CA1ABF2.5000908>