| 2:00 pm on Mar 21, 2006 (gmt 0)|
Is there a firewall between the machines?
Are you trying to access the server by name or by ip address (\\a.b.c.d\sharename or \\hostname\sharename)?
| 2:30 pm on Mar 21, 2006 (gmt 0)|
Neither name nor ip address works. Win explorer sits and hums for a while and then tells me that it can't be found. There is a router, but the server is listed as the DMZ for that router and I can connect to other things on that server - SSH, RSYNC, Webmin, FTP, HTTPD (before I turned it off).
| 2:53 pm on Mar 21, 2006 (gmt 0)|
Can you view the shares on the Samba server? (net view \\a.b.c.d)?
Is authentication required for connections? Have you tried turning this off in smb.conf to see if it makes any difference? ("Public = yes", in which case "Read only = yes", and having only a dummy share configured might be a good idea from a security PoV)
Have you looked in the Samba log files to see if it shows anything? You can turn up the logging in smb.conf using the "log level = X" entry, where X goes from 0 to 10.
Is there a firewall of any kind on the box running Samba? Are you using hosts.allow and/or hosts.deny?
Did you compile Samba yourself, or was a prebuilt version supplied with the *nix distribution?
If you're on a broadband connection, it's possible that your ISP may be blocking certain ports (137-139 and 445 are the ones to check).
Finally, have you tried putting a Windows box (XP or Server) in place of the Samba server and seeing if you can connect to that?
| 2:56 pm on Mar 21, 2006 (gmt 0)|
Thanks for putting a list of things to check in one place. I've been looking all over the internet and have been trying things fairly sporadically.
I am using the Samba that came with the distribution, I didn't compile it myself.
How can I check to see if those port are blocked? If they are, how can I change what ports are used?
| 4:47 pm on Mar 21, 2006 (gmt 0)|
|How can I check to see if those port are blocked? |
Make sure you Samba server is up and running, then request a full port scan from somewhere like GRC's Shields Up [grc.com]
|If they are, how can I change what ports are used? |
I could be wrong, but I don't think you can change this easily, since a remote Windows client has no means to specify the port when it is connecting. The client just does "net use \\a.b.c.d\share", there's no "net use \\a.b.c.d:<port>\share" syntax that I'm aware of.
If you need remote access to a Samba or Windows share, I think you should be looking at a VPN rather than exposing Samba/Windows shares directly to the internet. The ports in question (139 and 445) are very frequently probed/attacked - see DShield [dshield.org] for more info.
| 11:43 pm on Mar 23, 2006 (gmt 0)|
Most likely your ISP is also blocking incoming port 139. There is no reason anymore for ISPs to permit that kind of traffic over its network. For example, I believe Telus in Canada started blocking port 139 sometime in 2004, to help prevent outbreaks of viruses and worms.
hope that saves you some trouble. You may want to look into other alternatives, maybe even something like tunnelling netbios through ssh? ( [lists.samba.org...] )