[nycbug-talk] Fwd: RE: need help asap, will pay, ms vpn client

Bob Ippolito bob
Fri Mar 18 00:02:53 EST 2005 

On Mar 17, 2005, at 22:57, Mikel King wrote:

>
>
> George Georgalis wrote:
>
>> On Wed, Mar 16, 2005 at 11:10:51PM -0500, Okan Demirmen wrote:
>>
>>> On Wed 2005.03.16 at 17:45 -0500, George Georgalis wrote:
>>>
>>>> My preliminary was to do tcp only port forwarding of said ports to 
>>>> a box
>>>> behind it running samba. The client is not able to "browse" 
>>>> discover the
>>>> share, but if the (gateway) hostname, user and password (samba host)
>>>> is specified, the client can mount user homes from the samba server
>>>> through the firewall via tcp only (the protocol calls for tcp and 
>>>> udp
>>>> 137,138,139).
>>>>
>>>> This means, a roaming windows client can setup (putty) ssh -R 
>>>> tunnels to
>>>> a remote gateway which allows for smb connections from localhost to 
>>>> the
>>>> private smbserver. So the roaming client can specify, via "netuse" 
>>>> the
>>>> gateway as the location of their shares and mount the protected 
>>>> samba
>>>> share through the encrypted tunnel.
>>>>
>>> this may not be much help to your issue, but if are limiting your
>>> roaming clients to smb shares, why even use smb? win2k and above,
>>> osx, and any unix can do webdav. easy to setup on the samba server.
>>> and seemless to the client - looks like a smb share....and all on
>>> one port - 80 (and/or 443).
>>>
>>
>> 443/htpasswd/mod_dav is on the gen two plan. I've never build apache2,
>> and I can expect some trial and error with both apache2 and mod_dav,
>> but I've got a set of other things that don't give me time in the day
>> to, well you know, and this is a no mistakes, regulated production
>> environment.
>>
>> Anybody want to demo mod_dav and/or write up a cheat sheet? I spent
>> :20 trying to get apache21 to build on DFLY but there is something
>> wrong with perl, so I've never had 2.1 up at all...
>>
> I've set up dav before, and from what I recall the docs on apache's 
> site were pretty straight forward, but I do remember there were some 
> missing elements, I just don't recall if it was to do with php or dav. 
> I'll poll my notes and see if it merits a DN article, is that a good 
> idea?

The only "gotcha" I've ever run into configuring mod_dav is that you 
have to remember to add in a DAVLock parameter (I think that's what 
it's called -- RTFM).

The other is that not all WebDAV clients are created equally.  Some 
have weird issues (Mac OS X goes nuts if you WebDAV with resource forks 
in my experience) and some don't support it over https.

-bob

More information about the talk mailing list