OpenVPN and Samba share

  • Hello,


    I want to access a samba share through internet. To secure transmissions, I use OpenVPN plugin.


    I know I have to use a vpn to secure samba transmissions, but I want it to be "hidden" for users:
    I want to start vpn when opening the OS session and keep it alive until I logout.
    I don't want to stop vpn tunnelling to browse internet.


    Is there a way to use vpn with samba and browse internet without at the same time ?


    Do I need to start and stop openvpn every time I need to use my samba share through the internet ?


    Thanks to your answers and forgive my english skills :P

    • Offizieller Beitrag

    I know I have to use a vpn to secure samba transmissions, but I want it to be "hidden" for users:


    This in a routed vpn (tun adapter by default when using openvpn) you will see no broadcast (no announce), so no browsing the network like you do in windows. You'll have to access directly through unc path or map network drive once the vpn is up. What users are you referring to?


    I want to start vpn when opening the OS session and keep it alive until I logout.
    I don't want to stop vpn tunnelling to browse internet.


    I am correct to understand that you want to start vpn when you open your laptop/pc session? It should be possible but you should find the answer to that somewhere else like openvpn forums/wiki


    Is there a way to use vpn with samba and browse internet without at the same time ?

    very confusing, explain this again please


    Do I need to start and stop openvpn every time I need to use my samba share through the internet ?

    Of course, that's what you want access samba through the vpn, how are you going to do it without the vpn? you can fwd samba ports router to server but you want a secure link

  • hi,


    I am not sure I am understanding your question. Do you mean this:


    From another computer -- let's call it a laptop because it might be a laptop in a cafe -- you want to access the Samba share on your OMV server that is somewhere else, perhaps at home.


    From your laptop you want to your Samba connection to go over the secure VPN, while at the same time you want your web traffic to go direct?


    If I have not understood you, please ask again.


    If this is what you mean, then the settings to do that would be made on the laptop, not on the OMV server. OMV does not care or know about a browsing session that happens elsewhere.


    Exactly how to do this depends on both the operating system of the laptop and the script or program you use to set up the VPN at the laptop end. The plugin only looks after the OMV end of the VPN, and the relevant changes would be made at the other end of the link.


    If you are lucky your VPN provider's program might have an option to only route some traffic through the VPN, Look for an option to route only some services, or only some ports.


    The protocol is TCP


    It will need either a service name or a port number. Service names are SMB or CIFS -- these are the old and new names of the service Samba provides and if it recognises either of these it will work. If it wants a port number instead of a service name, then it is 445.


    I hope that helps.


    If it is not enough to get you going, and if other users here do not immediately know how to help, then I think in all fairness you need to seek further help from the OpenVPN FAQ or user forums. Good luck with that, it is definitely possible it is just finding out how to tell the VPN what you want.


    Seasonal greetings!
    River~~

  • From your laptop you want to your Samba connection to go over the secure VPN, while at the same time you want your web traffic to go direct?


    Yes, that is exactly what I want. Indeed I will create some account for my family.


    In my VPN connection configuration, I select the checkbox "Use this connection only for ressources for its network ".
    It seems to work now

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!