Topic: Problems with SME and multiple subnets

[n0lqu]

I'm installing SME into an existing network with multiple subnets and a Cisco PIX firewall doing the routing between them.  I'm able to sign a Windows XP client on without problems when it's on the same network as the SME server, but I've been unable to get it to sign on from the other subnets.  I've added conduits through the firewall for all the ports I can think of: 137-139 (netbios), 445 (directory services), 1512 (wins), and 53 (dns).  The Windows XP computer is statically assigned an address, I've listed the SME server in LMHOSTS and also set WINS to point to it, but it can't seem to access the server when not on the same network.  Can't sign on, can't find it in My Networks, can't successfully use NET VIEW \\SERVERNAME, NET VIEW \\IPADDRESS, NET USE X: \\SERVERNAME\SHARE, etc.

So, any ideas what I might have missed?  Would an alternate short term or permanent solution be to put two or three more network cards in the SME machine, each one connected to a respective network, thus giving each network direct access to the server and bypassing the internal firewall for SMB traffic, and would there by any security implications -- the SME server wouldn't erroneously route traffic between the subnets instead of the firewall?

Thanks for any tips any SME or Samba wizards might have!

[duncan]

Add the alternate subnets to your "local networks" tab in the server manager. Its in the manual.

[n0lqu]

Add the alternate subnets to your "local networks" tab in the server manager. Its in the manual.

Thanks for the suggestrion!  I already did that early on, though, so that's not it.  What other things might I have forgotten?

BTW, I didn't mention though it could probably be inferred that I've got SME set up in server-only mode rather than one of the gateway modes.

[duncan]

BTW, I didn't mention though it could probably be inferred that I've got SME set up in server-only mode rather than one of the gateway modes.

Shouldnt make any difference - I have a Server-only machine here connecting with multiple subnets (including remote internet addresses).

[n0lqu]

BTW, I didn't mention though it could probably be inferred that I've got SME set up in server-only mode rather than one of the gateway modes.

Shouldnt make any difference - I have a Server-only machine here connecting with multiple subnets (including remote internet addresses).

Are your subnets connected via routers, or so you have multiple network cards in your SME server, or are you running your multiple subnets on one physical network?

[duncan]

Subnets are connected via router (Gateway). IPSec vpns to remote offices.

[n0lqu]

Subnets are connected via router (Gateway). IPSec vpns to remote offices.

Sounds like you've got a similar setup, other than your networks are connected by a router rather than a firewall.  I'm still wondering if my firewall is blocking some little known port that needs to be open.

I'll be working on it some more this weekend.  Any other ideas of things to check or try would be appreciated!

[n0lqu]

Add the alternate subnets to your "local networks" tab in the server manager. Its in the manual.

Turns our your original answer was right on the money.  I'd added the subnet to my "local networks" previously but when I went back to double-check over the weekend found a typo. I fixed it and it's now working as expected.

Thanks!