#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    5
    Rep Power
    0

    Setting up remote File sharing server that runs on Ubuntu (clients on Win7)


    Hello,

    I run a small R&D and manufacturing company, and now we are in the phase of a small growth, which forces us to find a way to share files in an efficient way.

    Our computers are running on Win7 platform, and we would like to have a common network drive which holds our important files (project files, and an Microsoft access database file ).

    It's also important that we can access this network drive no matter where are we in the world at the moment as long as we have internet connection, so a simple LAN is not an option because it is limited to a specific location.

    Dropbox (our temporary solution) is a bad solution for us since it generates conflicted copies if more users are using the database file.

    What I tried to do is to set up our own dedicated remote server running an Ubuntu platform (I downloaded the newest ubuntu version, don't know the version by heart but I can look it up if needed).

    On this server I have installed Softether VPN server that creates a VPN connection between the server and the client computers which are running sofether on windows.
    The plan was then to set up samba which would share a folder on server HDD to all of our client computers.
    I installed samba, but I can not get the server name displayed on client computers when I go in My Computer->Network.

    Do I need to configure samba so that it works through this VPN interface or you would suggest something else ?
    I ask this because if I connect a computer in the LAN network together with the server then I can notice this shared drive. So it means samba is working but not through the VPN !

    Since this is my first excursion to linux, it's possible that I did everything in much more complicated way.

    I am willing to listen all sorts of advices and critiques are very welcome.


    Thank you everyone, and yes, I wish you all
    - a happy New Year !
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2008
    Posts
    186
    Rep Power
    7
    Originally Posted by Stype
    Hello,

    I run a small R&D and manufacturing company, and now we are in the phase of a small growth, which forces us to find a way to share files in an efficient way.

    Our computers are running on Win7 platform, and we would like to have a common network drive which holds our important files (project files, and an Microsoft access database file ).

    It's also important that we can access this network drive no matter where are we in the world at the moment as long as we have internet connection, so a simple LAN is not an option because it is limited to a specific location.

    Dropbox (our temporary solution) is a bad solution for us since it generates conflicted copies if more users are using the database file.

    What I tried to do is to set up our own dedicated remote server running an Ubuntu platform (I downloaded the newest ubuntu version, don't know the version by heart but I can look it up if needed).

    On this server I have installed Softether VPN server that creates a VPN connection between the server and the client computers which are running sofether on windows.
    The plan was then to set up samba which would share a folder on server HDD to all of our client computers.
    I installed samba, but I can not get the server name displayed on client computers when I go in My Computer->Network.

    Do I need to configure samba so that it works through this VPN interface or you would suggest something else ?
    I ask this because if I connect a computer in the LAN network together with the server then I can notice this shared drive. So it means samba is working but not through the VPN !

    Since this is my first excursion to linux, it's possible that I did everything in much more complicated way.

    I am willing to listen all sorts of advices and critiques are very welcome.


    Thank you everyone, and yes, I wish you all
    - a happy New Year !
    Firstly, why linux? Samba is certainly heading in the right direction however you are going to face many more issues when using cross platform setups, espicially on the server side. (IE printing, file sharing and remote desktop are all a mission between windows and linux based platforms).

    Your better off installing windows server 2008 or preferably windows server 8. Then use the built in VPN functionality within RRAS. This gives you print servers, RDP access and even a domain controller if you ever decided you needed it. Its also has a UI where most stuff in linux is more command line based. Linux is however more resource friendly.

    Secondly is security. With personnal data and espicially business related, are you willing to trust yourself with ensuring all this info is secure. I mean, everything is behind SSL and configured correctly. At the end of the day, it may be worth just hiring an IT firm to actually do it right, this puts the responsibility onto them. Given my current knowledge, I myself would not do what you are trying to do without prefession experiance, up-to-date top of the line hardware like cisco router and ASA firewalls.

    See what you think about that and get back to us, good luck
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    5
    Rep Power
    0
    Originally Posted by onlinegamesnz
    Firstly, why linux? Samba is certainly heading in the right direction however you are going to face many more issues when using cross platform setups, espicially on the server side. (IE printing, file sharing and remote desktop are all a mission between windows and linux based platforms).

    Your better off installing windows server 2008 or preferably windows server 8. Then use the built in VPN functionality within RRAS. This gives you print servers, RDP access and even a domain controller if you ever decided you needed it. Its also has a UI where most stuff in linux is more command line based. Linux is however more resource friendly.

    Secondly is security. With personnal data and espicially business related, are you willing to trust yourself with ensuring all this info is secure. I mean, everything is behind SSL and configured correctly. At the end of the day, it may be worth just hiring an IT firm to actually do it right, this puts the responsibility onto them. Given my current knowledge, I myself would not do what you are trying to do without prefession experiance, up-to-date top of the line hardware like cisco router and ASA firewalls.

    See what you think about that and get back to us, good luck
    You are completely right. After spending 2 weeks trying to get the linux working, I gave up and installed windows server 8.

    One of the rare moments in your life where you thank god for Microsoft. I was looking at those nicely designed answers on their website and could not believe the huge user experience difference between the linux and windows server.

    I already have my network running, the only thing is that I don't use built in VPN functionality, but still the softether software.

    I was afraid that built in VPN could have problems with the NAT firewall.

    However it should work probably even better with that one, so I'll give it a try as well.

    Thank you for your support,
    Stjepan
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2008
    Posts
    186
    Rep Power
    7
    Originally Posted by Stype
    You are completely right. After spending 2 weeks trying to get the linux working, I gave up and installed windows server 8.

    One of the rare moments in your life where you thank god for Microsoft. I was looking at those nicely designed answers on their website and could not believe the huge user experience difference between the linux and windows server.

    I already have my network running, the only thing is that I don't use built in VPN functionality, but still the softether software.

    I was afraid that built in VPN could have problems with the NAT firewall.

    However it should work probably even better with that one, so I'll give it a try as well.

    Thank you for your support,
    Stjepan
    Great to hear, also temviewer offers pretty good VPN functionality
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    5
    Rep Power
    0
    Originally Posted by onlinegamesnz
    Great to hear, also temviewer offers pretty good VPN functionality
    I tried it, but TeamViewer had problems digging through the firewall.
    And softether is more lightweight as well and very configurable... So I prefer it over TV (which I also have in case of a remote assistance)

    Cheers!
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2008
    Posts
    186
    Rep Power
    7
    One thing i forgot to mention which may interest you.

    Setup your server with 2 NICs one serving LAN and one serving WAN, this way there is a PHISICAL break between WAN and LAN traffic which you can use wireshark to keep an eye on ALL incomming ans outgoing traffic

  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    5
    Rep Power
    0
    Originally Posted by onlinegamesnz
    One thing i forgot to mention which may interest you.

    Setup your server with 2 NICs one serving LAN and one serving WAN, this way there is a PHISICAL break between WAN and LAN traffic which you can use wireshark to keep an eye on ALL incomming ans outgoing traffic

    This is a good idea, but the problem with my config is that I basically don't have a LAN.
    Even my lan goes to our NAT, and then it's routed to a different subnet.
    So to the server all packages come on the same interface...
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2014
    Posts
    5
    Rep Power
    0
    Originally Posted by Stype
    This is a good idea, but the problem with my config is that I basically don't have a LAN.
    Even my lan goes to our NAT, and then it's routed to a different subnet.
    So to the server all packages come on the same interface...
    (And I don't have a control over this infrastructure because we're located in a business incubator)
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2008
    Posts
    186
    Rep Power
    7
    Originally Posted by Stype
    (And I don't have a control over this infrastructure because we're located in a business incubator)
    Your LAN where WAN traffic is comming in then would be considered your WAN. So even though your on a LAN, the first NIC would be the very first point of entry for traffic before you start internetworking the rest of your LAN,

    So where your incomming LAN is, in your case lets say WAN as its providing you with an internet connection.

    So lets take the first point of your incomming LAN/WAN into your first NIC, then from there go out to your LAN.

    This will require RRAS being installed to configure a route between these two interfaces.

    In your situation, you may already be pretty well secured in that case. But could be an option just for peace of mind, depends how "paranoid" you are about security i guess.

    Ive been hacked once, similar setup to yours however it was an educational setup. This allowed me to disabled the LAN interface completely blocking any PHISICAL acces to the LAN, then I let the attack continue with wireshark running so Incould gather as much information as possible. Ofcourse taking forgranted you have no personnal data on the server itself then you would just disable the WAN nic aswell

IMN logo majestic logo threadwatch logo seochat tools logo