# Best VPN port/package for Samba sharing



## Johnny2Bad (Sep 13, 2013)

Hi folks,

I wish to share my *S*amba shares across a VPN to a remote *W*indow*s* 7 machine. What would you guys recommend for being the best port for doing so?

I do not require internet access to pass through the FreeBSD machine, only Samba communication is required. In other words I only want communication between the *W*indows 7 machine and the FreeBSD machine when Samba is required. The M$ windowz MS Windows 7 machine is to use the Internet through its own modem. Sorry I've forgotten the technical term for such a configuration.

Thanking you in advance,
Jonathan.


----------



## junovitch@ (Sep 14, 2013)

I've done this with OpenVPN (security/openvpn).  With the configuration you want, you just won't need to use any push routes or redirect statements in your OpenVPN server configuration since you only have to reach one host on the distant end.  The only caveat is it needs to run as an admin on the Windows machine since it needs to be able to create the tunnel device.  Getting the hang of generating PKI keys the first time around also takes some time to get the hang of.

Take a look at the how to information http://openvpn.net/index.php/open-source.html.   If you can't make sense of it just ask.


----------



## kpa (Sep 14, 2013)

If it's necessary to "see" the shares in Windows' file browser you'll have to use a bridged VPN setup where the client gets handed an IP address from the LAN IP pool instead of a separate VPN IP pool. It is doable with security/openvpn.


----------



## Johnny2Bad (Sep 14, 2013)

Thank you for your advice. With this configuration security as Administrator on the Windows 7 machine is not a problem.

I was hesitant to choose OpenVPN because you do have to install the client on the Windows 7 machine. But if it is the best way to go, it's the best way to go.

I will let you know (in another thread) if I run into problems.

Once again thank you for your input,
Jonathan.


----------



## von_Gaden (Sep 15, 2013)

The need to install _a_ client on Windows should not bother you. You can use net/mpd5 to set up a PPTP VPN but since _a_ long time it's known as not so secure. The other option is to try something IPSec based (I don't have an idea what exactly) but IPSec sometimes has difficulties with certain firewalls, proxies or NAT configuration in routers.

To ensure proper function of network browsing you should redirect DNS (if you use Samba 4) or use WINS (for Samba 3). The following options in /usr/local/etc/openvpn/openvpn.conf should help you:

```
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option WINS 10.8.0.1"
```


----------

