VPN & SAMBA on Same Server -- Cant Access SAMBA

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
marc25v
Posts: 2
Joined: Mon Nov 04, 2019 10:15 pm

VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by marc25v » Mon Nov 04, 2019 10:20 pm

Hi all,

I am attempting to figure out how to access my SAMBA shares that are on the same server as the VPN when connected as a VPN client.

Current Architecture:
- Client: iOS / Android Mobile Device -- On Mobile Data
- VPN Server: Linux Raspberry PI -- 192.168.0.2
- Samba Server : Same as the VPN Server -- 192.168.0.2

-----
What Works:
- Connected to the VPN, I can access the internet AND all LOCAL network drives and devices, EXCEPT the Raspberry PI running the Server and the Samba shares.

What Doesnt Work:
- I cannot access the 192.168.0.2 IP address when I am connected via VPN.

What I Would Hope to Work:
- When connected to the VPN, I can access Internet, and ALL local devices on the network, including the Raspberry PI 192.168.0.2.

----
Any suggestions? Thanks!

jennylove
Posts: 5
Joined: Tue Nov 05, 2019 6:08 am
Location: Dallas, TX

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by jennylove » Tue Nov 05, 2019 6:54 am

Can you ping the samba server? Access its shares via \\IPADDRESS? Is the samba server on the same subnet as everything that can be seen?

marc25v
Posts: 2
Joined: Mon Nov 04, 2019 10:15 pm

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by marc25v » Tue Nov 05, 2019 1:34 pm

Hi

I cannot ping the samba share or even SSH into the server when connected. I cannot connect to the share even using the IP address. Yes, it is on the same subnet.

Thanks a lot

ozone
Posts: 65
Joined: Thu Sep 19, 2019 7:18 pm

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by ozone » Wed Nov 06, 2019 12:15 am

This is a known issue on (at least) linux.

Try bridging the virtualhub to a new tap-device (on vpnserver).
Give this tapdevice in Raspbian a new (fixed, unused) ip-address, eg 192.168.0.3.
From the vpn-clients, use that new ip-address to access the resources on the pi.

Success,

Oz

MyronSz
Posts: 19
Joined: Mon Sep 16, 2019 7:34 pm

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by MyronSz » Thu Nov 28, 2019 8:14 pm

Have you managed to do this without using SecureNAT? I've done similar, but I'm using SecureNAT and the tapdevice's IP address I've set within the IP range of the SecureNAT.
ozone wrote:
Wed Nov 06, 2019 12:15 am
Try bridging the virtualhub to a new tap-device (on vpnserver).
Give this tapdevice in Raspbian a new (fixed, unused) ip-address, eg 192.168.0.3.
From the vpn-clients, use that new ip-address to access the resources on the pi.

ozone
Posts: 65
Joined: Thu Sep 19, 2019 7:18 pm

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by ozone » Sat Nov 30, 2019 2:48 pm

@MyronSz

yes. Just checked it.
This is what I did:
-Created virtualhubs "lan"and "nat"
-Setup securenat for "nat"
-bridged "lan" to eth0 AND a new tapdevice "tap_lan"
-bridged "nat" to a new tapdevice "tap_nat"
-In linux, set eth0 to fixed ip, incl gateway and dns (from your internet gateway), ip could also be via dhcp.
-In linux, set tap_lan to fixed ip in same range as eth0
-In linux, set tap_nat to fixed ip in same range as securenat.

Now, this is the result:
-when connected via vpn to virtualhub "lan", I can connect to resources on the ip of tap_lan
-when connected via vpn to virtualhub "nat", I can connect to resources on the ip of tap_nat

(tested on raspbian jessie on pi3)

Maybe something else is dropping the packages....?

myron.s
Posts: 7
Joined: Sun Nov 29, 2020 4:38 pm

Re: VPN & SAMBA on Same Server -- Cant Access SAMBA

Post by myron.s » Sun Nov 29, 2020 5:51 pm

Thanks @ozone , that did work. Not an ideal situation, but it works if the securenat get in the way and a true bridge is required. (I know, this thread is a year old.)

Post Reply