Jump to content

Problem accessing SMB Share over VPN

Recommended Posts

I've recently installed a Vigor 282Vn ADSL modem/router at home that supports VPN (I have a fixed IP address).


The VPN access was very easy to set up and I have successfully connected in to the home network using the Mac's built in VPN client using PPTP, and been allocated an IP address that is within the right range. However, I'm having some odd problems once the connection is established.


On the network, powered up 24x7, are a Mac Mini and a Thecus N3200PRO NAS. Once I've connected via VPN the NAS shows up as a shared computer but the Mac Mini does not. This may be a side-effect of there being no shared services activated on the Mac Mini but I can't tell as I'm not at home right now... Anyway, I am able to ping both machines from the command line, albeit with some latency (300-800ms, depending on the quality of my 3G data connection). I can also SSH into the Mac Mini.


To add to the mystery further, when I open the network folder using command-shift-k, the NAS is listed. But when I double-click to connect to the NAS, the connection attempt fails. The NAS requires a username and password which is in my keychain.


Needless to say, when I am connected locally to the network, both show up as a shared device and I can connect to the SMB shares on the NAS drive without a problem.


It feels to me like although the TCP/IP level comms are working correctly (otherwise ping and ssh would not work), some protocols are being blocked from working across the VPN. Does anybody have any suggestions for things I can try to further narrow down the problem, or any settings I should check either with my VPN client or the router?


I should add I've got the client firewall currently turned off. The router firewall is in its default state but I'm assuming the firewall will not interfere with traffic over the VPN. With the Mac VPN client you have the option to route all traffic via the VPN but it makes no difference if this is on or off - except that internet access gets very slow when it is on.




Share this post

Link to post
Share on other sites

OK, problem solved.


The key to all of this is that Bonjour does not work over a VPN. So the Mac Mini does not show up because Bonjour is the basis for discovery and display of peer Macs. However the NAS does show up because it supports uPNP - which is turned on. So that solved the mystery of why the NAS shows up and the Mac Mini does not.


This did not fix the problem of accessing NAS folders though, but having found the root of the problem it wasn't long before I found a work-around which was actually posted in connection with using names of the format 'fred.local' across a VPN, which by default do not work. To be able to work with the NAS, I simply put its displayed name into /etc/hosts with the correct IP address. Now I can open the NAS from the network folder and everything works exactly as I want it to.


Apparently there is a way to get Bonjour traffic to propagate across a VPN connection, but it is non-trivial... Maybe some other time.

Share this post

Link to post
Share on other sites

I wouldn't bother getting VPN to work with Bonjour. I spent days trying to get an older Tiger server to work. I managed it in the end, but I won't be bothering again. My users can use the IP / ext dns address in the connect to server window now!

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online