Re: [Users] Samba Authentication

From: Jfabricio - Departamento de TI (jfabricio_at_greenwichint.com.br)
Date: Fri Nov 29 2002 - 11:16:41 CET

• Next message: mlafon_at_arkoon.net: "Re: [Users] Sample config for NAT-T + DHCP-over-IPSec - anyone?"
• Previous message: J.J.Gallardo: "[Users] Next CRL update was expected..."
• In reply to: Jordan Share: "RE: [Users] Samba Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks for the last tip,

    Now my VPN is working.

Tks.

Jfabricio

----- Original Message -----
From: "Jordan Share" <iso9_at_jwiz.org>
To: "Jfabricio - Departamento de TI" <jfabricio_at_greenwichint.com.br>
Cc: <users_at_lists.freeswan.org>
Sent: Wednesday, November 27, 2002 11:10 PM
Subject: RE: [Users] Samba Authentication

> 14750 should be plenty, and is definitely not what is causing your
problem.
>
> Have you tried specifying the Domain Controller in an LMHOSTS file on the
> win98 box?
> http://support.microsoft.com/default.aspx?scid=KB;en-us;q180094
>
> Is this win98 box the only windows box on the non-PDC side of the tunnel?
> If not, you want to make sure that the local browsemaster (for the
broadcast
> domain on the non-PDC side) knows who the PDC is, and (I think) the WINS
> server (which presumably is on the other side).
>
> IIRC, every local browsemaster syncs its browse list with the PDC, and
thus
> they converge on all having the same browse list.
>
> Jordan
>
> > -----Original Message-----
> > From: users-admin_at_lists.freeswan.org
> > [mailto:users-admin_at_lists.freeswan.org]On Behalf Of Jfabricio -
> > Departamento de TI
> > Sent: Wednesday, November 27, 2002 10:46 AM
> > To: Ken Bantoft
> > Cc: users_at_lists.freeswan.org
> > Subject: Re: [Users] Samba Authentication
> >
> >
> > Thanks again.
> > But I have just one Samba Server as a PDC.
> > I tried to search for a machine from the other side, and I can't.
> > I think I found this problem.
> > I can't ping one machine from the other side with more then
> > 14750 bytes
> > ( ping -l 15000 192.168.2.XXX ).
> > This is a Fragmentation Problem, isn't it?
> > Do you or someone can tell me how to solve this new problem?
> > How can I make lower my packets? ( Exemple: Using a lower key, lower
> > Cripto, etc. And how to do it )
> >
> >
> > Thanks a lot,
> >
> > Jfabricio
> > ----- Original Message -----
> > From: "Ken Bantoft" <ken_at_freeswan.ca>
> > To: "Jfabricio - Departamento de TI" <jfabricio_at_greenwichint.com.br>
> > Cc: <users_at_lists.freeswan.org>
> > Sent: Wednesday, November 27, 2002 4:12 PM
> > Subject: Re: [Users] Samba Authentication
> >
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > >
> > >
> > > On Wed, 27 Nov 2002, Jfabricio - Departamento de TI wrote:
> > >
> > > > Thanks for your tips, but I allways setup my workstations with
> > NetBeuis
> > > > Over Tcp/Ip.
> > > >
> > > > I was checking with IPTRAF, and when I use a real
> > Domain/Group name
> > the
> > > > NetBeuis packets does not pass throuth the IPSEC Tunnel. Then
> > I have the
> > > > following message: There was no server to authenticate.
> > >
> > > Then you have a local workstation/server that is announcing itself as
a
> > > domain level master browser. Possibly either a Win2K/NT or Smaba
server
> > > misconfigured to act as a PDC/BDC. So the local clients *think* it's
> > > responsble for domain XXXXX and query it instead of sending the
requests
> > > to the real server.
> > >
> > > >
> > > > When I use the real IP from the server, the NetBeuis Packets
pass
> > > > throuth the IPSEC Tunnel. But I have the wrong password or
> > > > denied access message.
> > > >
> > > > Do you or someone, have any idea to make me solve this problem?
> > > >
> > > >
> > > > Thanks
> > > >
> > > > Jfabricio
> > > >
> > >
> > > - --
> > > Ken Bantoft The Unoffical FreeS/WAN Site:
> > > ken_at_freeswan.ca http://www.freeswan.ca
> > > PGP Key: finger ken_at_bantoft.org
> > > "We can factor the number 15 with quantum computers. We
> > > can also factor the number 15 with a dog trained to bark
> > > three times." -- Robert Harley, 5/12/01, Sci.crypt
> > > "It is dangerous to be right when the government is wrong."
> > > -- Voltaire
> > > "The obvious mathematical breakthrough would be development
> > > of an easy way to factor large prime numbers."
> > > -- Bill Gates from The Road Ahead, p265
> > > "An essential element of freedom is the right to privacy,
> > > a right that cannot be expected to stand against an
> > > unremitting technological attack." -- Whitfield Diffie
> > > "Anyone who considers arithmetical methods of producing
> > > random digits is, of course, in a state of sin."
> > > -- John Von Neumann, 1951
> > > "Random numbers should not be generated with a method
> > > chosen at random." -- Donald Knuth,
> > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: 2.6.3ia
> > > Charset: noconv
> > >
> > > iQCVAwUBPeULA1iWUusaxGxpAQEtbQP9Fq+ZVreI/nirbbHtS0jsVZajEK+D7suI
> > > MmWmD5E0TcgcN+8iwdtmbQML/7j80bQ20AEQND4tE4efjUqU8NDuHkuIHommg2R7
> > > WVVc34RB3vdRviupqHnxRbPVvUzJQLZ32Dg38C2oZ4FbpwNnUdMM/bs+rb6Qb6Gc
> > > bQbh0EuYN7U=
> > > =fnZI
> > > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Users mailing list
> > Users_at_lists.freeswan.org
> > http://lists.freeswan.org/mailman/listinfo/users
> >
>

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: mlafon_at_arkoon.net: "Re: [Users] Sample config for NAT-T + DHCP-over-IPSec - anyone?"
• Previous message: J.J.Gallardo: "[Users] Next CRL update was expected..."
• In reply to: Jordan Share: "RE: [Users] Samba Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Sat Nov 30 2002 - 05:21:00 CET