Windows/Samba File share only one way via VPN
sttwebs last edited by
After hours of googling I finally gave up and now hope to find help here in this forum.
I'm having the following configuration running:
- Windows-Server (192.168.55.1) with OpenVPN-TAP Device, running as Server and in TUN Mode (192.168.88.1)
- pfsense Firewall with the following Interfaces: LAN 10.83.1.x, DMZ 192.168.83.x, OpenVPN Client 192.168.88.2
To be a bit more graphical:
Windows/OpenVPN Server(SITE A)|<-----Tunnel 192.168.88.x---->|(SITE B)pfsense----LAN/DMZ
Now here's the actual problem:
The tunnel is running fine, I can access everything (e.g. RDP, VNC, DNS, FTP, etc.) from Site A to Site B and vice versa, except for Windows File Share...
BUT wait here is the tricky part:
- From Site B to Site A I CAN access Windows file sharing on all devices (whether Linux Samba or Windows FS).
- From Site A to Site B I can't open any SAMBA Device, but all other services.
Now for my checklist, what I have done so far:
- I checked all my local firewalls, they are 100% disabled... so no Windows FW or such things are running, the only security is PFSENSE
- I can't access either via IP or DNS, so the famous "enable Netbios via TCP" is also off the list, right?
- I enabled on the LAN Interface a FW rule, which allows ALL traffic coming from SITE A addresses (.88.x, .55.x) to go through... so no problem here too, right?
- Since I can ping and trace and use other services from all Sites, I also take a routing issue out of my list too...
I have the feeling that pfsense is blocking something I can't trace/understand... have you encountered the same problem? Or should I think about a reconfig of my tunnel?
The pfsense is an ALIX-Board embedded 1.2.3-RC1 version... I'm planning to reinstall 1.2.3-RC3 soon.
If you need more info, please let me know, I'm happy to share it with you.
Cheers and regards,
sttwebs last edited by
OK… now this is embarrassing.
After I posted this post, I was just checking again on all my configs, like Windows Settings, Openvpn and so on.
Then I thought: "ok let's do something stupid and switch the machine I try to log into SITE B from..." so I took another client and tried to access a PC of SITE B... and there it GOES!!! All working fine... After that I tried to access SITE B from the Windows Server again and it was working...
I can't explain why this works JUST NOW out of the blue but it does... so please ignore this stupid IT guy and get on with the day ::)