How do I share samba via Open VPN? Is that possible?












5















I have configured open VPN in my home so that it can be accessible from my office easily.



Now I want to share samba via my open VPN. How can I share samba over open VPN between Ubuntu and Windows?



Home public IP: HHH.OOO.MMM.EEE
Home desktop IP: 192.168.10.10
Office public IP: OOO:FFF:III:CCC
Office Windows desktop IP: 192.168.1.10









share|improve this question





























    5















    I have configured open VPN in my home so that it can be accessible from my office easily.



    Now I want to share samba via my open VPN. How can I share samba over open VPN between Ubuntu and Windows?



    Home public IP: HHH.OOO.MMM.EEE
    Home desktop IP: 192.168.10.10
    Office public IP: OOO:FFF:III:CCC
    Office Windows desktop IP: 192.168.1.10









    share|improve this question



























      5












      5








      5


      1






      I have configured open VPN in my home so that it can be accessible from my office easily.



      Now I want to share samba via my open VPN. How can I share samba over open VPN between Ubuntu and Windows?



      Home public IP: HHH.OOO.MMM.EEE
      Home desktop IP: 192.168.10.10
      Office public IP: OOO:FFF:III:CCC
      Office Windows desktop IP: 192.168.1.10









      share|improve this question
















      I have configured open VPN in my home so that it can be accessible from my office easily.



      Now I want to share samba via my open VPN. How can I share samba over open VPN between Ubuntu and Windows?



      Home public IP: HHH.OOO.MMM.EEE
      Home desktop IP: 192.168.10.10
      Office public IP: OOO:FFF:III:CCC
      Office Windows desktop IP: 192.168.1.10






      networking server samba vpn openvpn






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Feb 4 at 11:41









      Matthias Braun

      269310




      269310










      asked Mar 28 '16 at 12:06









      Dinesh DhananjayanDinesh Dhananjayan

      142226




      142226






















          2 Answers
          2






          active

          oldest

          votes


















          4














          In short: Make sure that samba accepts connections from the VPN subnet.



          In more detail (from the OpenVPN wiki):



          Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:



          hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1


          If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:



          interfaces  = 10.66.0.0/24 10.8.0.0/24


          If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:



          \10.8.0.1\sharename


          (10.66.0.0 is the home subnet in their example, 10.8.0.0 is the VPN subnet)



          Afterwards, restart the samba service to take the new configuration into account:



          sudo service smbd restart





          share|improve this answer





















          • 1





            While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

            – FreeSoftwareServers
            Apr 16 '16 at 21:45



















          0














          This applies if your remote VPN is running on a different computer than the SMB share.



          I think that what you want is the following to your OpenVPN config file.



          push "route 192.168.1.0 255.255.255.0"


          This allows your remote computer to see the rest of the Remote 192.168.1.* network, if you don't have this line, then it will only be able to access remote resources on the computer running the VPN server.



          Here is my guide which includes a few other configs I make related to IPTables and UFW.






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "89"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f751034%2fhow-do-i-share-samba-via-open-vpn-is-that-possible%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            4














            In short: Make sure that samba accepts connections from the VPN subnet.



            In more detail (from the OpenVPN wiki):



            Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:



            hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1


            If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:



            interfaces  = 10.66.0.0/24 10.8.0.0/24


            If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:



            \10.8.0.1\sharename


            (10.66.0.0 is the home subnet in their example, 10.8.0.0 is the VPN subnet)



            Afterwards, restart the samba service to take the new configuration into account:



            sudo service smbd restart





            share|improve this answer





















            • 1





              While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

              – FreeSoftwareServers
              Apr 16 '16 at 21:45
















            4














            In short: Make sure that samba accepts connections from the VPN subnet.



            In more detail (from the OpenVPN wiki):



            Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:



            hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1


            If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:



            interfaces  = 10.66.0.0/24 10.8.0.0/24


            If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:



            \10.8.0.1\sharename


            (10.66.0.0 is the home subnet in their example, 10.8.0.0 is the VPN subnet)



            Afterwards, restart the samba service to take the new configuration into account:



            sudo service smbd restart





            share|improve this answer





















            • 1





              While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

              – FreeSoftwareServers
              Apr 16 '16 at 21:45














            4












            4








            4







            In short: Make sure that samba accepts connections from the VPN subnet.



            In more detail (from the OpenVPN wiki):



            Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:



            hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1


            If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:



            interfaces  = 10.66.0.0/24 10.8.0.0/24


            If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:



            \10.8.0.1\sharename


            (10.66.0.0 is the home subnet in their example, 10.8.0.0 is the VPN subnet)



            Afterwards, restart the samba service to take the new configuration into account:



            sudo service smbd restart





            share|improve this answer















            In short: Make sure that samba accepts connections from the VPN subnet.



            In more detail (from the OpenVPN wiki):



            Next, edit your Samba configuration file (smb.conf). Make sure the hosts allow directive will permit OpenVPN clients coming from the 10.8.0.0/24 subnet to connect. For example:



            hosts allow = 10.66.0.0/24 10.8.0.0/24 127.0.0.1


            If you are running the Samba and OpenVPN servers on the same machine, you may want to edit the interfaces directive in the smb.conf file to also listen on the TUN interface subnet of 10.8.0.0/24:



            interfaces  = 10.66.0.0/24 10.8.0.0/24


            If you are running the Samba and OpenVPN servers on the same machine, connect from an OpenVPN client to a Samba share using the folder name:



            \10.8.0.1\sharename


            (10.66.0.0 is the home subnet in their example, 10.8.0.0 is the VPN subnet)



            Afterwards, restart the samba service to take the new configuration into account:



            sudo service smbd restart






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Mar 29 '16 at 9:28









            kos

            25.9k871121




            25.9k871121










            answered Mar 29 '16 at 6:10









            HenningHenning

            561




            561








            • 1





              While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

              – FreeSoftwareServers
              Apr 16 '16 at 21:45














            • 1





              While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

              – FreeSoftwareServers
              Apr 16 '16 at 21:45








            1




            1





            While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

            – FreeSoftwareServers
            Apr 16 '16 at 21:45





            While its less security minded, since the entire 10.*.*.* network is private, I just use "hosts allow = 10.", this allows all hosts from any 10.*.*.* network.

            – FreeSoftwareServers
            Apr 16 '16 at 21:45













            0














            This applies if your remote VPN is running on a different computer than the SMB share.



            I think that what you want is the following to your OpenVPN config file.



            push "route 192.168.1.0 255.255.255.0"


            This allows your remote computer to see the rest of the Remote 192.168.1.* network, if you don't have this line, then it will only be able to access remote resources on the computer running the VPN server.



            Here is my guide which includes a few other configs I make related to IPTables and UFW.






            share|improve this answer




























              0














              This applies if your remote VPN is running on a different computer than the SMB share.



              I think that what you want is the following to your OpenVPN config file.



              push "route 192.168.1.0 255.255.255.0"


              This allows your remote computer to see the rest of the Remote 192.168.1.* network, if you don't have this line, then it will only be able to access remote resources on the computer running the VPN server.



              Here is my guide which includes a few other configs I make related to IPTables and UFW.






              share|improve this answer


























                0












                0








                0







                This applies if your remote VPN is running on a different computer than the SMB share.



                I think that what you want is the following to your OpenVPN config file.



                push "route 192.168.1.0 255.255.255.0"


                This allows your remote computer to see the rest of the Remote 192.168.1.* network, if you don't have this line, then it will only be able to access remote resources on the computer running the VPN server.



                Here is my guide which includes a few other configs I make related to IPTables and UFW.






                share|improve this answer













                This applies if your remote VPN is running on a different computer than the SMB share.



                I think that what you want is the following to your OpenVPN config file.



                push "route 192.168.1.0 255.255.255.0"


                This allows your remote computer to see the rest of the Remote 192.168.1.* network, if you don't have this line, then it will only be able to access remote resources on the computer running the VPN server.



                Here is my guide which includes a few other configs I make related to IPTables and UFW.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Apr 16 '16 at 21:38









                FreeSoftwareServersFreeSoftwareServers

                7411721




                7411721






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Ask Ubuntu!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f751034%2fhow-do-i-share-samba-via-open-vpn-is-that-possible%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Human spaceflight

                    Can not write log (Is /dev/pts mounted?) - openpty in Ubuntu-on-Windows?

                    張江高科駅