I know you're already looking into using VPN, but just so ya know, some ISPs (@home did) filter ports 137:139 automatically...
S >From: "Lonnie Cumberland" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >CC: <[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] Samba across Eigerstein LRP >Date: Thu, 21 Feb 2002 20:37:07 -0500 (EST) > >Well, no luck so far. > >I added the rules to the bottom of my /etc/ipfilters.conf and >rebooted the LRP. > >while trying to connect from an outside Linux machine I get: > >smbclient -L www.outstep.com > >but then get a connection timed out on 141.217.140.65:139 > >I have also added these in my port-forward section >--------------------------------------------- ># This is the Samba Netbios-ns >$IPMASQADM portfw -a -P tcp -L $EXTERN_IP netbios-ns -R 192.168.1.7 >netbios-ns >$IPMASQADM portfw -a -P udp -L $EXTERN_IP netbios-ns -R 192.168.1.7 >netbios-ns >echo "Added Netbios-ns Port -- Samba Service" > ># This is the Samba Netbios-dgm >$IPMASQADM portfw -a -P tcp -L $EXTERN_IP netbios-dgm -R 192.168.1.7 >netbios-dgm > >$IPMASQADM portfw -a -P udp -L $EXTERN_IP netbios-dgm -R 192.168.1.7 >netbios-dgm >echo "Added Netbios-dgm Port -- Samba Service" > ># This is the Samba Netbios-ssn >$IPMASQADM portfw -a -P tcp -L $EXTERN_IP netbios-ssn -R 192.168.1.7 >netbios-ssn >$IPMASQADM portfw -a -P udp -L $EXTERN_IP netbios-ssn -R 192.168.1.7 >netbios-ssn >echo "Added Netbios-ssn Port -- Samba Service" >---------------------------- > >the 192.168.1.7 is my Linux Samba server that I can connect to from >the other machines currently behind the Firewall. > >cheers, >Lonnie > > > > Lonnie: > > > > Hello! Yes, that's the idea. No, I've not tested > > it. Perhaps you can? Port-445 is "Microsoft Domain Service", > > I believe. I saw it once in a tech-support document on > > their site. > > > > -Scott > > > >> So you can now have Windows client connections from outside the > >> LRP to your Samba server inside the Firewall? > >> > >> Is it working for you? > >> > >> Also, what is on port 445? I do not know that one. > >> > >> Cheers, > >> Lonnie > >> > >> > Lonnie: > >> > Heya. Here's what I put into the SMB section of the > >> > echowall ruleset: > >> > > >> > #SMB#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 135 -p tcp -j > >> > ACCEPT #SMB#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 137:139 -p > >> > udp -j ACCEPT #SMB#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 139 > >> > -p tcp -j ACCEPT > >> > #SMB#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 445 -p tcp -j > >> > ACCEPT > >> > > >> > I'm not sure if all of them are needed for every > >> > SAMBA session, but I'd be hesitant to leave any out... > >> > > >> > cheers, > >> > Scott > >> > > >> >> I have been having some trouble to be able to use Samba > >> >> across my LRP. Has anyone had luck with this? > > >-- > Lonnie Cumberland > OutStep Technologies Incorporated > EMAIL: [EMAIL PROTECTED] > : [EMAIL PROTECTED] > > The Basis Express Virtual Office > & > Data Backup and Recovery Services > > URL: http://www.basis-express.com > >"The Virtual Office without boundries!!!" > > > > > >_______________________________________________ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
