Topic: Need to access Samba-Share from Wireless Lan Router

[sugarcube]

I am running SME 7.4. External Network adapter is attached to a WLan Router. The Router is connected with my Sonos Zonebridge, which must have access to my SME-Server-Samba-Share containing my music. I can get access as desired if I connect internally (LAN) from any machine on my Network, but trying to connect via WLan is a no go.

Is there a way to connect to the Share over WLan? Do I have to configure the Server in a special way?
Any help is welcome.

[mmccarn]

Add the ip address (or the entire WLAN network) as a "local network" in server-manager.

[CharlieBrady]

Add the ip address (or the entire WLAN network) as a "local network" in server-manager.

I'd suggest not. The WLAN network is on the Internet side of SME server (connected via the External Network adapter). SME server doesn't pass samba traffic through from the Internet side.

Solution is to access the music via http. Put it in an i-bay with the appropriate protections.

[johnp]

Is there a need to have the wireless router on the wan side?

[sugarcube]

I guess adding the ip address to local networks is a security risk. My router is attached to the internet and all local machines must connect to SME-Server first to use the internet.

SME server doesn't pass samba traffic through from the Internet side.

Is there really no way to change this? The sonos Box needs direct access to the internet and a samba share. Using another iBay was my first idea, but as far as I understand it, samba is not an option then too. Am I right here? I contacted Sonos support and the say that http access is not the way to connect to my music here.

Is there a need to have the wireless router on the wan side?

Yes, definitely. The wireless lan router connects to my SME-server over ethernet and the wireless feature is a needed add-on, as I'd  need to wire the house otherwise. All wlan traffic to the local network is over openvpn and thus secure.

What about adding a third network adapter to the server? The zonebridge I am using is designed as a two-port-switch. It could be connected to the router on one side, having access to the internet and get its ip-address from there and access the SME-server via a third network adapter, which is shielded by the router FW and only acessible for the sonos box. Is this a way to go? And how do you add a third adapter? The configuration wizard does not handle more than two adapters. Would a third network card configuration, which was added manually "survive" a server reconfig?

[larieu]

could you consider to start for your user access with VPN on SME

set one dial up PPPoE to your WAN side of SME
and you'll receive one IP on that interface which is allowed into network

this is at least with some degree of security

[johnp]

I guess I would need a picture of your setup. What I was thinking, was to set it up
like this:

Internet - (WAN)SME Server/gateway(LAN) - Router changed to act as access point/Zonebridge/PC's

[sugarcube]

@larieu Not sure if I understand the idea behind it:

I am using VPN currently. If I grant VPN access to the user, the zonebridge, which must connect to the samba share would need to open the VPN-tunnel first, which is not possible as this box is not an interfaced computer (keyboard, shell...) but a piece of home entertainment equipment with a corresponding piece of software to configure it remotely. Unfortunately there is no way to add/use VPN features on it.

Do you possibly suggest to connect the Sonos box to a Computer on the WAN Side, which tunnels through to SME using VPN, so, that samba can be used? If so, I think it could be possible but only as a last resort, as it would mean that I have another computer up and running all time only for the purpose of accessing my music.

@johnp: Interesting idea. It could actually work. If I get you right, the Router-AP were local and part of my local network. The LAN currently is running on 10.0.0.x. I'd have to change that to 192.168.0.x, as my router is fixed on this IP-range. It is not even easy to test it.
I have uploaded a picture of my understanding of the different networks as discussd here:

Is this, what you suggested?

[johnp]

Picture 2 is what I'm talking about. Most wireless routers allow you to disable dhcp (most likely has limited configuration capabilities anyway) and permit you to assign it a static ip. You then can have the SME as the DHCP server for you LAN.

All devices would connect on the LAN ports in the router, except of course the internet connection.

[sugarcube]

SME is already DHCP-Server for the local network. If i connect the router to the SME-server internally, it would get an address from SME, as would the Sonos Box. W/o the router on the WAN-side of SME the Sonos Bridge possibly could access the internet via SME and the Samba share too.

I'll have to think this through, because there are a lot of screws to be turned then. I need to try some configurations too. Coming back with results soon.

Thanks everybody

[sugarcube]

Problem solved.

I changed the configuration to "Internet - DSL-Router - SME - Sonos-System" and it works fine. Sonos and wireless router now connected to the internal network over switch.

Thanks johnp and larieu for your help.

[cactus]

I changed the configuration to "Internet - DSL-Router - SME - Sonos-System" and it works fine. Sonos and wireless router now connected to the internal network over switch.

Good to see you got things sorted out. it seems the Sonos system does not need direct internet access after all as you stated earlier:

The sonos Box needs direct access to the internet and a samba share.