<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: Naoki <i_naoki,AT,mbf,DOT,nifty,DOT,com>
Subject: Re: Redhat9 CIPE
From: Les Mikesell <les,AT,futuresource,DOT,com>
Date: 24 Jul 2003 11:35:03 -0500
Cc: cipe-l,AT,inka,DOT,de
In-reply-to: <000c01c351f9$9217b680$c801a8c0@naoki3>
Organization:
References: <000c01c351f9$9217b680$c801a8c0@naoki3>

On Thu, 2003-07-24 at 10:38, Naoki wrote:

>  Are there any ways to see NetBIOS name without wins server ?
> 

You need it if you want to be able to browse the network neighborhood
across any kind of router.  This isn't related to cipe at all.

>  I guess, if iptables accepts port 137:139 for CIPE, I can see it.
> 
>  How is my guess ?
> 

If you know the IP numbers or the netbios names are the same
as DNS names you can connect to the shared resources without
WINS involvement.  

> In this situation, I must build a Firewall system with VPN for business.
> If I build Samba into this system, security will not be good.

Why do you say that?  Compared to Windows, Samba security is excellent.

> (And, if ClientPC is not on LAN(Ex.dial-up), there is not wins server.)

Look at the client IP number.  I think you'll see that it is on
the LAN and the server is forwarding broadcasts instead of
routing.

> Though I tryed to use lmhosts in WindowsPC on LAN2, I could not
> see the another side NetBIOS name on LAN1 directly.
>  After search this NetBIOS name, I could find it.

It won't show up in the browse list, but like using the IP number
or DNS name, it lets you connect if you know the resource name.

> Anyway, I really worry now. Since CIPE is faster than IPsec and is
> useful for NAT, I'd like to use CIPE very much.

You are going to have exactly the same issue with any solution
that works like a router and does not forward broadcasts. 

---
  Les Mikesell
    les,AT,futuresource,DOT,com


<< | Thread Index | >> ]    [ << | Date Index | >> ]