Logging on a Samba PDC over Cisco Router

Discussion in 'Cisco' started by Raffi, Feb 5, 2004.

  1. Raffi

    Raffi Guest

    Hi all,

    I'm setting up a test segment on my LAN. I have the following setup:

    Win2K host ---- Cisco 2621 ---- rest of the network routed by an RT314

    The RT314 segment contains the main network which has my Samba PDC.
    When I connect the Win2k host to the RT314 segment, it logs onto the
    Samba PDC just fine. When I connect through the 2621 the broadcasts
    don't make it to the PDC even when I attempt to configure the 2621 to
    do so. I have tried different configuration options on the Cisco
    router to try and forward the netbios UDP broadcasts, but they keep
    getting stuck on the LAN side of the router interface and don't make
    it to the PDC (confirmed through debug ip udp on the LAN side
    interface of the 2621). As expected, I can't browse shares on the
    RT314 network either. The configuration options I have tried are
    setting a ip helper-address on the LAN side interface on the 2621
    pointing to both the PDC ip address and the broadcast address of the
    RT314 network (x.x.100.255). I have also tried configuring a netbios
    name server with the ip address of the PDC. Neither of these have
    worked. I'm sure I'm dropping the ball somewhere but can't figure out
    where. Here are the relevant portions of the 2621 configuration. The
    Samba PDC is configured for WINS. I have tried the Win2k host both
    with and without WINS over TCP/IP. Any help would be greatly
    ip subnet-zero
    ip name-server x.x.100.6
    ip dhcp excluded-address x.x.200.1
    ip dhcp pool 1
    network x.x.200.0
    default-router x.x.200.1
    dns-server x.x.100.6
    interface FastEthernet0/0
    description connected to RT 314
    ip address x.x.100.7
    duplex auto
    speed auto
    interface FastEthernet0/1
    description connected to EthernetLAN
    ip address x.x.200.1
    duplex auto
    speed auto
    router rip
    version 2
    network x.x.100.0
    network x.x.200.0
    no auto-summary
    ip classless
    ip route x.x.100.1
    no ip http server
    Raffi, Feb 5, 2004
    1. Advertisements

  2. Try this:

    interface FastEthernet0/0
    ip directed-broadcast
    interface FastEthernet0/1
    ip helper-address x.x.100.255
    Helmut Ulrich, Feb 5, 2004
    1. Advertisements

  3. Raffi

    Raffi Guest


    Thanks for the suggestion. I tried it but it didn't help the
    situation. I still couldn't log onto the domain or browse any of the
    shares on the x.x.100.0 segment.

    Is there a way to make this work without placing a WINS server or a
    BDC on every segment of the network, or without enabling bridging
    across the router?

    One interesting thing I noticed in my Samba nmbd.log file is that the
    PDC is losing local master browser election to the Win2k host. I
    thought "os level = 65" would have made sure Samba wins all LMB

    Here is the pertinent portion of my smb.conf if it helps:

    ; Network information
    netbios name = bsdbox
    workgroup = WORKGROUP
    keepalive = 3600

    ; Logging
    log level = 1
    log file = /var/log/samba/log.%m
    # passwd chat debug = yes

    ; Domain parameters
    domain logons = yes
    domain master = yes
    local master = yes
    preferred master = yes
    wins support = Yes
    os level = 65
    remote announce =
    Raffi, Feb 6, 2004
  4. Sigh, another top poster.

    Leave the "os level" at its default.

    Ensure each w/s is a member of the the workgroup "WORKGROUP"
    under My Computer/Properties.

    Ensure that each w/s is configured to use the Samba system
    as a WINS server under control panel/network interfaces/TCP/IP etc.

    I would probably configure the DHCP server on the same host
    as Samba, configure the router as appropriate, and check out
    "option netbios-node-type" on dhcp-options.

    Bob { Goddard }, Feb 6, 2004
  5. Raffi

    Raffi Guest


    Sorry about top posting :)

    The problem turned out to be related to server access. Although I had
    made the necessary changes to the server firewall rules to allow the
    new network access, i hadn't done the same to hosts.allow. Once I
    fixed that, both logging on and browsing started working.

    As for the WINS server to be added under the network interface
    properties, this is indeed necessary for browsing shares using netbios

    Anyway, I'm glad this was a simple oversight on my part. Thanks for
    reading my posts and for making helpful suggestions.

    Raffi, Feb 6, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.