Hi Dave, On 27/04/17 19:12, David Mehler wrote: > Hello, > > I've got a machine running Openvpn 2.4. It's also got a web server on > it. Currently to alter files users have to sftp them in to place. What > I was wondering is would it be possible to run samba4 as a standalone > server not as a domain member or controller, and give connecting users > rights to the web areas? Ideally they'd just hit their system's > network area then the workgroup then the share and copy in files that > way. > > One issue is I don't want smbd and nmbd listening on the public > interface so I've got them locked down to 127.0.0.1 wondering if this > would be an issue? > > I won't cover what the others already told you, but keep in mind that windows 7+ clients normally don't trust the Windows TAP adapter ; the result is that the VPN connection is placed in the public network zone and you will not be able to browse any files in that zone. The easiest trick to work aroudn this is to add a (bogus) default route : push "route 0.0.0.0 0.0.0.0 net_gateway 300" to the server config - this will create a default route with a very high metric on the client. This route will normally never be used but it does allow you to place the Windows TAP adapter in a private zone.
HTH, JJK ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
