Encrypting SMB over SSL to bypass VPN

  • Hello,


    I have a OMV6 machine running on local netwok with SMB file server. On my work PC, I have a VPN service installed and whenever I am using VPN, it disconnects all my SMB sharepoints and also blocks all the http services.

    For the 2nd issue, I have managed to install nginx with SSL certificate and have started using all the services over https


    For the 1st issue however, I was wondering if there's any way to run SMB such that I can still access it using the VPN service ? I've already check with the VPN service provider and unfortulately there's no way in their software to make exception for SMB service.



    Thanks,

    • Official Post

    Accessing samba via VPN with an external service means exposing samba to the outside of your network. This is not safe.


    One solution would be to split the VPN tunnel traffic. Depending on the protocol that VPN uses, it might be possible to do this. Wireguard allows you to do it, I don't know if OpenVPN or other protocols can do it too. Split tunneling means that traffic directed to an IP (or range of IPs) goes to the interface controlled by the VPN and the rest of the traffic goes to the normal network interface. If you can do that you will have access to your local network and samba while the traffic directed to your company (or wherever) runs through the VPN. In Wireguard this is done by modifying the AllowedIPs field on the client.


    If you can't split tunnel I would use Nextcloud to access the files over https.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!