[vpn-help] Require help with troubleshooting samba shares over ipsec

Sun Aug 29 19:08:44 CDT 2010

Hi Matthew
Have given this another go from home on the weekend, appears that MTU
may be the issue.  The 1500 byte ping does not work, dropping it below
1000 works though, so I am assuming the MTU is set too high on the
server?
I'll bounce this off of our app server hosting guys.
Cheers,
Brett

-----Original Message-----
From: Matthew Grooms [mailto:mgrooms at shrew.net] 
Sent: Tuesday, 24 August 2010 2:16 PM
To: Brett Morrison
Cc: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] Require help with troubleshooting samba shares
over ipsec

On 8/20/2010 2:00 AM, Brett Morrison wrote:
> Hi Matthew
> Just an update on this situation.
> We have tried another couple of changes, but nothing seems to help.
> We have also tested Shrewsoft VPN 2.1.6 (as per your link) on a win XP
> sp3 machine, and this suffers the same problem.
> As noted previously this was not a problem with Juniper Netscreen
Remote
> Client, which connects to the same gateway, using the same user
> accounts. But I have never liked Netscreen...
> Do you have any other ideas at the moment?

Hi Brett,

Sorry for the delay. I have been extremely busy the last week. As for 
your issue, here are a few more things to try.

1) Can the client host resolve the samba server using netbios or is it 
only accessible using the IP address? If the latter is true, have you 
tried manually adding an entry to the smhosts file and then trying to 
access the samba share?

2) Can you ping the host using a 1500 byte packet size ( ping -l 1500 
x.x.x.x )? If not, then this very well still be MTU related.

-Matthew
############################################################################################################
Attention: 

Hyne and Son Pty Limited trading as Hyne Timber reserves the right to monitor all e-mail communications throughout its corporate network. This e-mail and any attachments are confidential and may be privileged in which case neither is intended to be waived.  
If you are not the intended recipient (or responsible for delivery of the message to such person), any use, interference with, disclosure or copy of this material is unauthorised and prohibited. 
If you have received this communication in error, please notify us immediately by return e-mail, and destroy the original communication.
This communication has been scanned and cleared by Hyne Timber's corporate virus scanning software, however it remains your responsibility to scan for viruses and other defects prior to use.  Hyne Timber shall not accept any loss or damage caused directly or indirectly to you or any third party by this communication.
Any views or opinions presented are solely those of the sender, unless stated otherwise and the content may not necessarily represent the views of Hyne Timber.