Windows clien't can't connect to anything. SMB shares very slow from Mac.
-
There aren't any openvpn mistakes that could be made that would give you intermittent access to a share.
For me its always been all good or dead. I got nothin. Could be a windows firewall issue? ISP?If its pfsense, its nothing I'm aware of. I'm using such shares now on the same version as you - with linux mint sharing. Some difference.
-
It's not intermittent, just very slow on the Mac and doesn't work at all on windows. Smb isn't the only issue on the Windows machine though, http and https also don't work on the windows machine. I'm guessing nothing works on the windows machine but I have only tested http, https and smb. I'll try disabling windows firewall though and try from a different internet connection.
-
I'm at a loss. Sharing usually either works or fails. Its weird.
-
You might have a path MTU problem.
Try setting VPN > IPsec, Advanced, Enable Maximum MSS to 1400 and testing again.
https://en.wikipedia.org/wiki/Path_MTU_Discovery
-
Try setting VPN > IPsec, Advanced, Enable Maximum MSS to 1400 and testing again.
This is on an Openvpn vpn, would it still be set under IPsec?
Thanks
-
Test it OFF LTE, on a wired internet connection and see if anything changes. Also, maybe post your openvpn configuration. See if there is anything odd in there.
-
You might have a path MTU problem.
Try setting VPN > IPsec, Advanced, Enable Maximum MSS to 1400 and testing again.
https://en.wikipedia.org/wiki/Path_MTU_Discovery
I did have to fool around with MSS and MSS-Fix, 1400 was the number. However, I've only had to touch it on DD-WRT.
-
This is on an Openvpn vpn, would it still be set under IPsec?
Thanks
Yes. I was going to mention I realized it was OpenVPN and to set it under IPsec anyway. That covers all VPN networks. Generrally when you have a PMTU problem under one you have it under both.
-
I added mssfix 1400 and am now able to access the servers with my cellphone which wasn't working before.
I am starting to wonder if it is just the terrible upload speed where the pfsense box is (1.36mbps). I knew it was bad but i didn't realize it was that bad… I would still think it shouldn't take 20 seconds to open a 14KB file though. Is there any way to speed it up over this connectlon?Here is the config file, I have replaces anything that might not be public information with *s.
dev ovpns1 verb 1 dev-type tun dev-node /dev/tun1 writepid /var/run/openvpn_server1.pid #user nobody #group nobody script-security 3 daemon keepalive 10 60 ping-timer-rem persist-tun persist-key proto udp cipher AES-256-CBC auth SHA256 up /usr/local/sbin/ovpn-linkup down /usr/local/sbin/ovpn-linkdown client-connect /usr/local/sbin/openvpn.attributes.sh client-disconnect /usr/local/sbin/openvpn.attributes.sh multihome tls-server server 10.152.152.0 255.255.255.0 client-config-dir /var/etc/openvpn-csc/server1 username-as-common-name auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user *******************= false server1 1194" via-env tls-verify "/usr/local/sbin/ovpn_auth_verify tls ‘**************’ 1" lport 1194 management /var/etc/openvpn/server1.sock unix max-clients 25 push "route 10.152.172.0 255.255.255.0" client-to-client duplicate-cn ca /var/etc/openvpn/server1.ca cert /var/etc/openvpn/server1.cert key /var/etc/openvpn/server1.key dh /etc/dh-parameters.2048 tls-auth /var/etc/openvpn/server1.tls-auth 0 ncp-ciphers AES-256-GCM:AES-128-GCM persist-remote-ip float topology subnet mssfix 1400 -
SMB really, really sucks especially over slow, higher-latency connections. 1.3Mbit/sec? You're lucky it works at all.
You might consider some sort of syncing protocol that syncs the two sites overnight or something.
-
I also did this but it didn't work on my cellphone until i also added mssfix 1400
Try setting VPN > IPsec, Advanced, Enable Maximum MSS to 1400 and testing again.
SMB really, really sucks especially over slow, higher-latency connections. 1.3Mbit/sec? You're lucky it works at all.
You might consider some sort of syncing protocol that syncs the two sites overnight or something.
Im going to call the ISP on Monday and see if they can provide a better upload speed.
I will try it on a wired connection as soon as i get home, but im sure my upload speed isn't helping. What should me compression settings be set to?
-
Can that be pushed effectively?
-
SMB really, really sucks especially over slow, higher-latency connections. 1.3Mbit/sec? You're lucky it works at all.
You might consider some sort of syncing protocol that syncs the two sites overnight or something.
Are most people using SMB over vpn or should i be using a different protocol? I use nfs at home but i also don't have any windows machines at home, only linux and Mac.
-
Can that be pushed effectively?
I'm unsure what you are asking.
-
For setting I want all clients to have I normally configure openvpn server to push the settings to all clients that connect to it.
Wondered if this setting could be pushed. Was asking Derelict. Sorry.
As far as should you use SMB. It depends. What are you using it for? For most file manipulation, I use caja browser and sftp or SSH in.
Outside linux, I use winscp.
For other things, SMB is easier.
Of course, I only use linux shares so makes it easier to flip back and forth between those methods.
-
As far as should you use SMB. It depends. What are you using it for? For most file manipulation, I use caja browser and sftp or SSH in.
Mostly for accessing word and Excel documents and pdf's, maybe accessing pictures and videos in the future, but I would have to get a faster connection for that. One of the directories I would be accessing quite frequently has over 4800 files in it (word and PDF) and gets bigger every day, and is quite slow to list currently.
I do currently have owncloud running on a vps with this folder synced to it, but if possible I would also like VPN access to it.
-
Yeah - You would do much better with SFTP I think.
Though windows lacks the ability natively, there are add-on programs to give you SSH and SFTP access remotely.
https://wiki.filezilla-project.org/FileZilla_FTP_Server
I've never needed a windows server for things like this, but I think filezilla can do it.
There are also other (pay me) microsoft solutions and probably other add-ons for windows.
Still, I'm biased perhaps but I think linux makes a much better "server" for such things. (Edited) I hate windows for serving up files.
-
Just reading about owncloud. Thats starting to look like a NAS.
Looks cool though and it runs on linux. (Probably runs best on linux, BSD and other unix like systems)
-
Just reading about owncloud. Thats starting to look like a NAS.
It's pretty much like Dropbox or Google drive except you host it yourself.
Yeah - You would do much better with SFTP I think.
Though windows lacks the ability natively, there are add-on programs to give you SSH and SFTP access remotely.
Freenas most likely supports SFTP, I'll take a look.
I've never needed a windows server for things like this, but I think filezilla can do it.
The file server is actually freenas (freebsd). All of the servers are Linux or Freebsd as I don't like windows. The only reason I've used smb is for compatibility with the windows clients on the network.
-
Awesome. Enable SMB on your Linux file server. You will have it all.
I've never needed something as dedicated as a large NAS. They seem to be resource hungry.
I do all my sharing out of a linux box with only SMB and SSH enabled and a script to mount the drives on boot. Nothing amazing.
Yours will no doubt be much more feature-rich and many people likely require such beasts.
