[ previous ] [ next ] [ threads ]
 
 From:  Tim Nelson <tnelson at rockbochs dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  SMB over IPSEC...
 Date:  Wed, 23 Jul 2008 09:07:52 -0500 (CDT)
Hello fellow monowallers... I know the issue of SMB/Samba/Netbios over IPSEC has come up many times.
However, the issue always seems to be related to the fact that broadcasts are not being passed over
the IPSEC tunnel. I'm currently trying to use Samba over IPSEC(one site has monowall 1.3b11 and the
other has pfSense 1.2-RELEASE) but instead of relying on broadcasting and using 'Network
Neighborhood' to find the Samba boxes, we're accessing them directly via IP address by entering
"\\192.168.1.100" in the address bar of the clients which are primarily WinXP machines. They are
able to find the server and access it's shares but opening a file... even small ones like 20k...
takes FOREVER. I'm wondering if there isn't a different issue such as fragmentation happening. Both
sides of the tunnel have completely open "Allow any to any from any" rules so firewalling should not
be the issue. Has anyone seen this type of behavior before? I can make my logs available but after
looking through them, I'm not seeing anything of consequence. All help is welcome and appreciated.
Thank you!

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105