Can't access/see shared folder with Samba on Debian
Posted: Thu Nov 26, 2015 2:25 pm
Hi, here's my problem: I have been trying for a long time to configure OpenVPN and Samba so that I can access my shared folder through the VPN.
Everything is working except this.
The OpenVPN server and the Samba server are on the same computer. A debian server.
The client/server connection works, the ping to 10.8.0.1 works, and the ping back to the client works too.
I can access the internet with my VPN's IP address...
I can't find any solution to this problem, even after the many posts I've read.
I'm posting some configuration files. Let me know if you need more information. Thank you.
server.conf:
# OpenVPN server configuration as posted: routed (tun) server on TCP/443
# handing out addresses from 10.8.0.0/24.
# TCP/443 server
mode server
proto tcp
port 443
dev tun
# Keys and certificates
ca ca.crt
cert server.crt
key server.key
# NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters,
# which are considered too weak today; regenerate with at least 2048 bits
# if that is what the file contains.
dh dh1024.pem
# NOTE(review): tls-auth is given direction 1 here while key-direction below
# says 0. The usual convention is 0 on the server and 1 on the clients;
# confirm which value takes effect and keep only one of the two settings.
tls-auth ta.key 1
key-direction 0
# No "auth" directive is present, so the HMAC digest is whatever this
# OpenVPN build defaults to.
cipher AES-256-CBC
# Network
server 10.8.0.0 255.255.255.0
# Sends all client traffic (not only traffic for the server's LAN) through
# the tunnel, which matches the poster reaching the internet via the VPN.
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Clients are told to use 10.8.0.1 for WINS, so nmbd on this host must be
# reachable on the tunnel address for NetBIOS name lookups to succeed.
push "dhcp-option WINS 10.8.0.1"
keepalive 10 120
# NOTE(review): with chroot enabled below, per-client files are presumably
# read from inside the jail after start-up; verify that the ccd directory
# exists under /etc/openvpn/jail.
client-config-dir ccd
# Privilege drop: the daemon gives up root and confines itself to the jail
# after initialisation. persist-key/persist-tun let it survive restarts
# without needing root again.
user nobody
group nogroup
chroot /etc/openvpn/jail
persist-key
persist-tun
# NOTE(review): compression inside an encrypted tunnel can leak information
# about the plaintext (VORACLE-class attacks) and comp-lzo is deprecated in
# later OpenVPN releases; consider removing it on both server and clients.
comp-lzo
verb 3
mute 20
# status and log files are useful when checking which virtual address a
# client actually received while debugging access to the shares.
status openvpn-status.log
log-append /var/log/openvpn.log
smb.conf:
# Samba configuration as posted. The lines before [homes] are global
# settings; no [global] section header is visible in the paste.
server string = Debian
netbios name = Debian
log level = 2
log file = /var/log/samba/log.samba
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
share modes = Yes
# Clients must authenticate with a user name and password.
security = user
# Source-address allow list: two LAN ranges, the VPN subnet and loopback.
# This is a second filter on top of the host firewall; both must admit
# 10.8.0.0/24 for VPN clients to reach the shares.
hosts allow = 192.168.0.1/24 192.168.1.1/24 10.8.0.0/24 127.0.0.1
# NOTE(review): "wins support = Yes" together with a "wins server" entry
# (below, pointing at 192.168.1.18, which is this host's own eth0 address in
# the posted ifconfig output) is a combination testparm is known to reject;
# run testparm and check whether nmbd is actually running.
wins support = Yes
name resolve order = wins lmhosts hosts bcast
wins server = 192.168.1.18
# NOTE(review): the entries are network addresses rather than interface
# names, and tun0 appears as a point-to-point /32 in the posted ifconfig
# output. Verify that smbd/nmbd really listen on 10.8.0.1 (the tunnel may
# also not exist yet when Samba starts). No "bind interfaces only" line is
# shown, so this setting alone may not restrict where smbd listens.
interfaces = 192.168.0.0/24 192.168.1.0/24 10.8.0.0/24 127.0.0.1
######## Sharing of users' home directories ########
[homes]
comment = Homes
read only = No
# NOTE(review): 0764 / 0775 leave new files readable, and new directories
# readable and traversable, by "other" local accounts; tighten to 0700-style
# masks if home shares are meant to be private.
create mask = 0764
directory mask = 0775
browseable = Yes
# NOTE(review): "vfs object" normally names the module (here: recycle); the
# values listed look like the module's option names instead. Check the
# output of testparm to see how Samba interprets this line.
vfs object = recycle:repository recycle:keeptree recycle:versions recycle:touch recycle:exclude recycle:exclude_dir recycle:maxsize recycle:noversions
# Deleted files are moved to a per-user recycle directory instead of being
# removed; maxsize = 0 presumably means no size limit - confirm.
recycle:repository = .Corbeille-samba/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = Yes
recycle:maxsize = 0
recycle:exclude = *.tmp
recycle:exclude_dir = /tmp
######## Share ########
[Serveur Institut]
path = /media/Partage/Serveur/
# No guest access; only the accounts listed in "valid users" may connect.
public = no
force group = institut
# Users allowed to access the share
valid users = institut membre direction julien
# Writable share
writeable = Yes
# Default file and directory creation parameters, overriding the system settings.
create mask = 770
force create mode = 770
directory mask = 770
preserve case = yes
[Administration]
path= /media/Partage/Administration/
public = no
# Restricted to the single account "direction" at the SMB level.
valid users = direction
writeable = Yes
# NOTE(review): 0765 keeps permission bits for "other" on new files, unlike
# the 770 used for the other share; on a share holding administrative data
# this was probably meant to be 0770 - confirm.
create mask = 0765
force create mode = 770
directory mask = 770
preserve case = Yes
firewall:
# Firewall rules as posted. Chain policies and any ESTABLISHED/RELATED rules
# are not shown, so the effect of these rules depends on what surrounds them.
#Samba
# Every INPUT rule for the SMB/NetBIOS ports below matches only source
# 192.168.1.0/24. Nothing here admits SMB from the VPN subnet 10.8.0.0/24 or
# from interface tun0, so if the INPUT policy is DROP, VPN clients cannot
# reach Samba on 10.8.0.1. A narrowly scoped rule of the following form
# would cover it (repeat for the other ports actually needed):
#   iptables -A INPUT -i tun0 -s 10.8.0.0/24 -p tcp --dport 445 -j ACCEPT
# The OUTPUT rules match on destination port, i.e. connections this host
# opens to other servers; replies from the local Samba carry these numbers
# as source port and need an ESTABLISHED or --sport rule instead.
iptables -t filter -A INPUT -p tcp -s 192.168.1.0/24 --dport 139 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 139 -j ACCEPT
iptables -t filter -A INPUT -p tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 445 -j ACCEPT
iptables -t filter -A INPUT -p udp -s 192.168.1.0/24 --dport 137 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 137 -j ACCEPT
iptables -t filter -A INPUT -p udp -s 192.168.1.0/24 --dport 138 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 138 -j ACCEPT
# SMB uses TCP 445; the UDP 445 rules open a port the service does not need.
iptables -t filter -A INPUT -p udp -s 192.168.1.0/24 --dport 445 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 445 -j ACCEPT
# TCP 443 is the OpenVPN listener in the posted server.conf.
iptables -t filter -A INPUT -p tcp -s 192.168.1.0/24 --dport 443 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
# -I inserts at the top of the chain: all traffic forwarded to or from the
# tunnel is accepted before any later FORWARD rule is consulted, so VPN
# clients get unrestricted access to whatever this host can route to.
iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT
iptables -I OUTPUT -o tun0 -j ACCEPT
# NOTE(review): tap0 and br0 do not appear in the posted ifconfig output and
# the server uses "dev tun"; these look like leftovers from a bridged setup.
# There is no matching "INPUT -i tun0" rule.
iptables -A INPUT -i tap0 -j ACCEPT
iptables -A INPUT -i br0 -j ACCEPT
iptables -A FORWARD -i br0 -j ACCEPT
iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
# The first rule masquerades everything leaving eth0, which makes the three
# source-specific rules after it redundant. Masquerading also means hosts on
# the LAN see this server's address instead of the VPN client's, which hides
# the real client in their logs. "10.8.0.2/24" has host bits set and denotes
# the same network as 10.8.0.0/24.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.2/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
ifconfig:
eth0 Link encap:Ethernet HWaddr 74:86:7a:e4:fd:3e
inet adr:192.168.1.18 Bcast:192.168.1.255 Masque:255.255.255.0
adr inet6: fe80::7686:7aff:fee4:fd3e/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8235494 errors:0 dropped:20 overruns:0 frame:0
TX packets:10867251 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
RX bytes:1911910329 (1.7 GiB) TX bytes:12082628322 (11.2 GiB)
Interruption:16
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet adr:10.8.0.1 P-t-P:10.8.0.2 Masque:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:1409 errors:0 dropped:0 overruns:0 frame:0
TX packets:717 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:100
RX bytes:181513 (177.2 KiB) TX bytes:272306 (265.9 KiB)