Netgate Discussion Forum

    Site to site SMB discovery and sharing [closed]

    OpenVPN
      johnpoz LAYER 8 Global Moderator

      Well that is borked software.. From what the early 90's or something?

      You could create host files as suggested on the machines in question or you could setup wins..  Or yeah you could put both these networks on the same layer 2 with bridge so they can broadcast for names.. That would for sure be the LAST possible choice!!

      Just because you have not given a domain name to your computers does not mean you can not do that, even if you don't have one.  So these windows machines are not in AD??  You say there is no local DC..  But is there one remote that they are a member of?

      You do not need to be member of AD domain to setup fqdn for your machines and point them to a dns that would resolve hosts in that domain.  Once you place the machine in a domain.. It's quite possible it would do a fqdn query for the name, etc.

      Depends on this borked software in question - what is the name of this software, maybe there are docs on the internet can look at, etc.

      While sure it is technically possible to put your sites on an extended broadcast domain so that clients could broadcast for names.. Not a good idea!!!

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

        nightflier

        Heh, I also have a few disagreements about how the software is done. However, it is sold as a pre-configured package, using its own wifi router that remains separate from our business network. The peer-to-peer network only has two servers and three clients, all supported remotely by the parent company under a support agreement, and we are not supposed to "mess with it". I do have access to the mobile laptop clients and can make minor tweaks to their configuration. I can also add a computer to the network.

        The system is pretty cutting edge, servers control a material mill, shaping items from 3D scans created on the clients.

        To be fair to the manufacturer, I am trying to extend the usability of the system beyond what they had envisioned. I have spoken to the company and explained what I want to do. They have no objections, but have never had anyone else do it, and offered no help in setting it up. So I'm hacking away at it, learning a few things along the way. :)

          Pippin

          Hacking away….:)

          If you have a machine that can do WINS server....
          Or, Samba can do that too, it has a WINS server built-in, look Samba man.
          Then, push "dhcp-option WINS x.x.x.x" in OpenVPN server.

          I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
          Halton Arp
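
One way to set up what Pippin describes, as an added example that is not part of the original post: a Samba host acting as the WINS server, plus the matching OpenVPN server directives. The address 192.0.2.10, the host name WINS1, the workgroup name and the interface name eth0 are placeholders, not values from this thread.

```conf
# ---- smb.conf on the Samba host, [global] section ----
# smb.conf comments must sit on their own line, not after a value.
[global]
    # Placeholder names (assumptions, not taken from the thread)
    workgroup = WORKGROUP
    netbios name = WINS1
    # Make nmbd act as the WINS server for the workgroup.
    # Do not also set "wins server" on this same host.
    wins support = yes
    # Answer only on loopback and the internal LAN interface
    interfaces = lo eth0
    bind interfaces only = yes

# ---- OpenVPN server configuration ----
# 192.0.2.10 stands for the Samba host's address (placeholder);
# clients need a route to it through the tunnel.
push "dhcp-option WINS 192.0.2.10"
# NetBIOS node type 8 (h-node): query WINS first, then fall back to broadcast
push "dhcp-option NBT 8"
```

`push` only takes effect when OpenVPN runs in server mode and the clients pull their options; a static-key peer-to-peer tunnel has no push mechanism, so there the WINS address would have to be set on the clients themselves.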

            johnpoz LAYER 8 Global Moderator

            "using its own wifi router that remains separate from our business network."

            So if it's on a different layer 2 than your other networks, devices on this isolated network would never be able to "broadcast" for names..  If you're just trying to hit some server that is on this isolated network.  Just create a dns record that points to this IP.

            How would you bridge this network into yours if it's behind its own router??  Do you have control over this router?  Is it doing nat?  Would really need more details to try and help you skin this breed of cat.

              nightflier

              I really appreciate the replies, guys. This project is something I get to in between other duties so it's taking me some extra time.

              To clarify, I no longer consider broadcast/discovery necessary for this particular setup. Using the HOSTS file will suffice for such a narrow case. Should probably change the title of the original post. Before I do that, allow me to answer your questions though.

              I do not have access to the router of the small network in question, so next step is to try the pfSense server on its NAT'd LAN side.

              I have multiple static IPs available, and pfSense WAN will go on one of those. Access will be through this static IP.

              Any thoughts on this scheme are appreciated, even if it is to instruct me to open a different thread.

                nightflier

                Let me try to illustrate..

                VPN-hack.jpg

                  Derelict LAYER 8 Netgate

                  Why are you calling the wifi router a router when (apparently) the same subnet is on both sides?

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    nightflier

                    In these kinds of setups I usually forego using the WAN side of the wifi router. Disable dhcp and set an IP address which is out of the way. Plug in a cable to LAN side and just let the traffic flow between the ethernet port and the wireless antennas.

                    Hey, I like the diagram in your sig. It would be nice if it was in an editable format, like .odg.

                      Derelict LAYER 8 Netgate

                      In that case it is not a router it is an AP or a bridge. Calling it a router just confuses people.

                        nightflier

                        Okay, I understand.

                          nightflier

                          Closing comment: My initial testing was done using Windows 7 clients. However, the laptop clients in use are actually Windows 10. When I tested the W10 clients, everything worked out of the box - browsing and sharing, as if they were on the same physical network.

                          So yes, a Peer to Peer (shared key) connection is a viable setup for me.

                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.