Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] Windows drive mapping using alternate port
2,404 views
Skip to first unread message
Kris Springer
Feb 6, 2014, 2:22:33 PM2/6/14
to
Help. I've got an Ubuntu server running fine with Samba. I can connect
remotely using an iPhone app using an alternate port number that I've
configured to NAT to port 445 through my firewall. But, my ISP has blocked
port 445 for security reasons and I have no way of Mapping a drive in a
remote Windows machine because port 445 is blocked and there doesn't seem to
be any way to edit it or use an alternative port number. I was hoping
there's a client software that could resolve this, or some other way of
remotely mapping shares to my server. I do not have any local machines
inside the server local network, all the users are remote and work from
home. Right now we're utilizing a cloud share provider but we want to bring
everything in-house but I can't seem to get this to work. L
Thanks.
Kris
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
remotely using an iPhone app using an alternate port number that I've
configured to NAT to port 445 through my firewall. But, my ISP has blocked
port 445 for security reasons and I have no way of Mapping a drive in a
remote Windows machine because port 445 is blocked and there doesn't seem to
be any way to edit it or use an alternative port number. I was hoping
there's a client software that could resolve this, or some other way of
remotely mapping shares to my server. I do not have any local machines
inside the server local network, all the users are remote and work from
home. Right now we're utilizing a cloud share provider but we want to bring
everything in-house but I can't seem to get this to work. L
Thanks.
Kris
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Jeremy Allison
Feb 6, 2014, 2:41:23 PM2/6/14
to
On Thu, Feb 06, 2014 at 11:22:33AM -0800, Kris Springer wrote:
> Help. I've got an Ubuntu server running fine with Samba. I can connect
> remotely using an iPhone app using an alternate port number that I've
> configured to NAT to port 445 through my firewall. But, my ISP has blocked
> port 445 for security reasons and I have no way of Mapping a drive in a
> remote Windows machine because port 445 is blocked and there doesn't seem to
> be any way to edit it or use an alternative port number. I was hoping
> there's a client software that could resolve this, or some other way of
> remotely mapping shares to my server. I do not have any local machines
> inside the server local network, all the users are remote and work from
> home. Right now we're utilizing a cloud share provider but we want to bring
> everything in-house but I can't seem to get this to work. L
Unfortunately I don't know of any way to make a Windows client
> Help. I've got an Ubuntu server running fine with Samba. I can connect
> remotely using an iPhone app using an alternate port number that I've
> configured to NAT to port 445 through my firewall. But, my ISP has blocked
> port 445 for security reasons and I have no way of Mapping a drive in a
> remote Windows machine because port 445 is blocked and there doesn't seem to
> be any way to edit it or use an alternative port number. I was hoping
> there's a client software that could resolve this, or some other way of
> remotely mapping shares to my server. I do not have any local machines
> inside the server local network, all the users are remote and work from
> home. Right now we're utilizing a cloud share provider but we want to bring
> everything in-house but I can't seem to get this to work. L
use a different port. You might be able to fake it by having
a local server that redirects all traffic to/from port 445
to another remote port via netcat, and run the remote server
on that port - but that will probably introduce latencty.
Jeremy.
Günter Kukkukk
Feb 6, 2014, 2:53:21 PM2/6/14
to
Am 06.02.2014 20:22, schrieb Kris Springer:
> Help. I've got an Ubuntu server running fine with Samba. I can connect
> remotely using an iPhone app using an alternate port number that I've
> configured to NAT to port 445 through my firewall. But, my ISP has blocked
> port 445 for security reasons and I have no way of Mapping a drive in a
> remote Windows machine because port 445 is blocked and there doesn't seem to
> be any way to edit it or use an alternative port number. I was hoping
> there's a client software that could resolve this, or some other way of
> remotely mapping shares to my server. I do not have any local machines
> inside the server local network, all the users are remote and work from
> home. Right now we're utilizing a cloud share provider but we want to bring
> everything in-house but I can't seem to get this to work. L
>
>
>
> Thanks.
> Help. I've got an Ubuntu server running fine with Samba. I can connect
> remotely using an iPhone app using an alternate port number that I've
> configured to NAT to port 445 through my firewall. But, my ISP has blocked
> port 445 for security reasons and I have no way of Mapping a drive in a
> remote Windows machine because port 445 is blocked and there doesn't seem to
> be any way to edit it or use an alternative port number. I was hoping
> there's a client software that could resolve this, or some other way of
> remotely mapping shares to my server. I do not have any local machines
> inside the server local network, all the users are remote and work from
> home. Right now we're utilizing a cloud share provider but we want to bring
> everything in-house but I can't seem to get this to work. L
>
>
>
>
> Kris
>
Hi Kris,
due to millions of misconfigured windows machines, nearly all ISPs
block all ports used by the SMB protocol.
So a good way to workaround this is to tunnel all traffic.
For example see:
http://openvpn.net/index.php/open-source/documentation/howto.html#samba
Sure, the client must also support this...
Cheers, Günter
--
Kris Springer
Feb 6, 2014, 3:04:53 PM2/6/14
to
I've got 50 remote users possibly doubling in the next year. The idea is to
map a drive that they have easy and constant access to. If I tell everyone
to VPN then the traffic on my server's network will go through the roof
since all traffic for everyone will route through the VPN and not their
local networks for regular internet use. Skype would become unusable as
well as a few other things. A VPN would be ideal if it were only a few
users that accessed the shares intermittently, but for 50+ users with
constant access it's not really feasible. Is this starting to sound like a
situation where remote access just isn't going to work? Is Samba simply a
local file sharing server that isn't really useful in today's remote world?
Is there some other alternative that someone could suggest?
Kris
map a drive that they have easy and constant access to. If I tell everyone
to VPN then the traffic on my server's network will go through the roof
since all traffic for everyone will route through the VPN and not their
local networks for regular internet use. Skype would become unusable as
well as a few other things. A VPN would be ideal if it were only a few
users that accessed the shares intermittently, but for 50+ users with
constant access it's not really feasible. Is this starting to sound like a
situation where remote access just isn't going to work? Is Samba simply a
local file sharing server that isn't really useful in today's remote world?
Is there some other alternative that someone could suggest?
Kris
Chris Weiss
Feb 6, 2014, 3:10:34 PM2/6/14
to
On Thu, Feb 6, 2014 at 2:04 PM, Kris Springer
<kspr...@innovateteam.com> wrote:
> I've got 50 remote users possibly doubling in the next year. The idea is to
> map a drive that they have easy and constant access to. If I tell everyone
> to VPN then the traffic on my server's network will go through the roof
> since all traffic for everyone will route through the VPN and not their
> local networks for regular internet use. Skype would become unusable as
> well as a few other things. A VPN would be ideal if it were only a few
> users that accessed the shares intermittently, but for 50+ users with
> constant access it's not really feasible. Is this starting to sound like a
> situation where remote access just isn't going to work? Is Samba simply a
> local file sharing server that isn't really useful in today's remote world?
> Is there some other alternative that someone could suggest?
>
uncheck the "route all traffic through vpn" box.
<kspr...@innovateteam.com> wrote:
> I've got 50 remote users possibly doubling in the next year. The idea is to
> map a drive that they have easy and constant access to. If I tell everyone
> to VPN then the traffic on my server's network will go through the roof
> since all traffic for everyone will route through the VPN and not their
> local networks for regular internet use. Skype would become unusable as
> well as a few other things. A VPN would be ideal if it were only a few
> users that accessed the shares intermittently, but for 50+ users with
> constant access it's not really feasible. Is this starting to sound like a
> situation where remote access just isn't going to work? Is Samba simply a
> local file sharing server that isn't really useful in today's remote world?
> Is there some other alternative that someone could suggest?
>
Kris Springer
Feb 6, 2014, 3:19:01 PM2/6/14
to
Unchecking such a box would be ideal and may solve my problem. Where is
this checkbox found?
Thanks.
Kris
-----Original Message-----
From: Chris Weiss [mailto:cwe...@gmail.com]
Sent: Thursday, February 06, 2014 12:11 PM
To: Kris Springer
Cc: Günter Kukkukk; samba
Subject: Re: [Samba] Windows drive mapping using alternate port
this checkbox found?
Thanks.
Kris
-----Original Message-----
From: Chris Weiss [mailto:cwe...@gmail.com]
Sent: Thursday, February 06, 2014 12:11 PM
To: Kris Springer
Cc: Günter Kukkukk; samba
Subject: Re: [Samba] Windows drive mapping using alternate port
Chris Weiss
Feb 6, 2014, 3:26:35 PM2/6/14
to
depends on the specific vpn solution you pick. pretty sure they all
some option like that
On Thu, Feb 6, 2014 at 2:19 PM, Kris Springer
some option like that
On Thu, Feb 6, 2014 at 2:19 PM, Kris Springer
Gaiseric Vandal
Feb 6, 2014, 3:45:37 PM2/6/14
to
As far as I know, most IPSec VPN solutions allow to enable split
tunneling. The client's non corporate traffic does not get routed
via the corporate VPN. (Some companies may turn this OFF because they
don't want a client access the corporate network while possibly being
remotely monitored or controlled by an internet attacker.)
Do you know what VPN solution you are using. This is something for the
VPN/Firewall/Router sysadmin to manage.
Are you using Samba 3 or Samba 4- you could probably get traffic
running over ports 137, 138 and 139 since Samba 3 doesn't actually run
file traffic over 445.
However, I don't think the Windows file server protocol (samba or not)
was really designed for heavy use over the internet. Even "fast"
internet links are slow compared to most LAN speeds. It might be ok for
people copying files back and forth but not editing files directly from
network shares. (from my experience.) You may be better off
looking at a remote desktop type solution for a some of the users .
It also seems incredibly insecure to have a file server directly
accessible from the Internet.
tunneling. The client's non corporate traffic does not get routed
via the corporate VPN. (Some companies may turn this OFF because they
don't want a client access the corporate network while possibly being
remotely monitored or controlled by an internet attacker.)
Do you know what VPN solution you are using. This is something for the
VPN/Firewall/Router sysadmin to manage.
Are you using Samba 3 or Samba 4- you could probably get traffic
running over ports 137, 138 and 139 since Samba 3 doesn't actually run
file traffic over 445.
However, I don't think the Windows file server protocol (samba or not)
was really designed for heavy use over the internet. Even "fast"
internet links are slow compared to most LAN speeds. It might be ok for
people copying files back and forth but not editing files directly from
network shares. (from my experience.) You may be better off
looking at a remote desktop type solution for a some of the users .
It also seems incredibly insecure to have a file server directly
accessible from the Internet.
Bob Miller
Feb 6, 2014, 3:46:18 PM2/6/14
to
Hello,
> depends on the specific vpn solution you pick. pretty sure they all
> some option like that
The term is split tunnelling. not sure it works with openvpn, but any
l2tp/ipsec client should have it.
I have never tried to put so many users on a vpn simultaneously, but I
do have experience with inadequate internet connections for the tasks at
hand. In the past I have used traffic control to make sure every one at
least suffers equally on a saturated connection...
> depends on the specific vpn solution you pick. pretty sure they all
> some option like that
l2tp/ipsec client should have it.
I have never tried to put so many users on a vpn simultaneously, but I
do have experience with inadequate internet connections for the tasks at
hand. In the past I have used traffic control to make sure every one at
least suffers equally on a saturated connection...
David Bear
Feb 6, 2014, 4:49:48 PM2/6/14
to
Well, it doesn't address making samba and smb based file sharing work over
the whole internet, but you may consider using webdav and exposing the
samba shares your remote users need via that protocol. It's not smb-like --
but the windows explorer does work okay 'mounting' a webdav share.
On Thu, Feb 6, 2014 at 1:04 PM, Kris Springer <kspr...@innovateteam.com>wrote:
> I've got 50 remote users possibly doubling in the next year. The idea is
> to
> map a drive that they have easy and constant access to. If I tell everyone
> to VPN then the traffic on my server's network will go through the roof
> since all traffic for everyone will route through the VPN and not their
> local networks for regular internet use. Skype would become unusable as
> well as a few other things. A VPN would be ideal if it were only a few
> users that accessed the shares intermittently, but for 50+ users with
> constant access it's not really feasible. Is this starting to sound like a
> situation where remote access just isn't going to work? Is Samba simply a
> local file sharing server that isn't really useful in today's remote world?
> Is there some other alternative that someone could suggest?
>
David Bear
mobile: (602) 903-6476
the whole internet, but you may consider using webdav and exposing the
samba shares your remote users need via that protocol. It's not smb-like --
but the windows explorer does work okay 'mounting' a webdav share.
On Thu, Feb 6, 2014 at 1:04 PM, Kris Springer <kspr...@innovateteam.com>wrote:
> I've got 50 remote users possibly doubling in the next year. The idea is
> to
> map a drive that they have easy and constant access to. If I tell everyone
> to VPN then the traffic on my server's network will go through the roof
> since all traffic for everyone will route through the VPN and not their
> local networks for regular internet use. Skype would become unusable as
> well as a few other things. A VPN would be ideal if it were only a few
> users that accessed the shares intermittently, but for 50+ users with
> constant access it's not really feasible. Is this starting to sound like a
> situation where remote access just isn't going to work? Is Samba simply a
> local file sharing server that isn't really useful in today's remote world?
> Is there some other alternative that someone could suggest?
>
> Kris
>
>
>
> -----Original Message-----
> From: Günter Kukkukk [mailto:li...@kukkukk.com]
> Sent: Thursday, February 06, 2014 11:53 AM
> To: Kris Springer
> Cc: sa...@lists.samba.org
>
>
>
> -----Original Message-----
> From: Günter Kukkukk [mailto:li...@kukkukk.com]
> Sent: Thursday, February 06, 2014 11:53 AM
> To: Kris Springer
> Cc: sa...@lists.samba.org
> Subject: Re: [Samba] Windows drive mapping using alternate port
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
David Bear
mobile: (602) 903-6476
mourik jan heupink
Feb 7, 2014, 3:34:45 AM2/7/14
to
Just a suggestion..:
Perhaps use a 'regular' way for remote file access, like http://pyd.io,
and access the drive over webdav? I think you should be able to map a
windows drive to a webdav location?
MJ
Perhaps use a 'regular' way for remote file access, like http://pyd.io,
and access the drive over webdav? I think you should be able to map a
windows drive to a webdav location?
MJ
0 new messages