[stunnel-users] stunnel with smb from 2 networks behind firewalls

Philippe phil at migratis.net
Mon Mar 19 13:57:44 CET 2012


Hello,

Here is my setup:

[PCA]-------------[Firewall-A]---------------{INTERNET}-----------[45.212.56.178:21213|Firewall-B|192.168.0.1:8139]--------[PCB]

PCA : Windows 7
stunnel.conf :

[smb]
client = yes
accept = 10.232.232.232:139
connect = 45.212.56.178:21213

PCB : Ubuntu Oneiric 11.10
stunnel.conf :

[smb]
accept = 8139
connect = 139

When I try to connect a network drive from PCA to a remote drive of PCB, here is the stunnel.log of PCA:

2012.03.19 13:47:02 LOG5[3744:2564]: Reading configuration from file stunnel.conf
2012.03.19 13:47:02 LOG5[3744:2564]: FIPS mode is enabled
2012.03.19 13:47:02 LOG7[3744:2564]: Compression not enabled
2012.03.19 13:47:02 LOG7[3744:2564]: Snagged 64 random bytes from C:/.rnd
2012.03.19 13:47:02 LOG7[3744:2564]: Wrote 0 new random bytes to C:/.rnd
2012.03.19 13:47:02 LOG7[3744:2564]: PRNG seeded successfully
2012.03.19 13:47:02 LOG6[3744:2564]: Initializing SSL context for service smb
2012.03.19 13:47:02 LOG7[3744:2564]: Certificate: stunnel.pem
2012.03.19 13:47:02 LOG7[3744:2564]: Certificate loaded
2012.03.19 13:47:02 LOG7[3744:2564]: Key file: stunnel.pem
2012.03.19 13:47:02 LOG7[3744:2564]: Private key loaded
2012.03.19 13:47:02 LOG7[3744:2564]: SSL options set: 0x01000004
2012.03.19 13:47:02 LOG6[3744:2564]: SSL context initialized
2012.03.19 13:47:02 LOG5[3744:2564]: Configuration successful
2012.03.19 13:47:02 LOG7[3744:2564]: Service smb closed FD=200
2012.03.19 13:47:13 LOG5[3744:3940]: Service smb accepted connection from 10.232.232.232:50004
2012.03.19 13:47:13 LOG5[3744:3940]: connect_blocking: connected 45.212.56.178:21213
2012.03.19 13:47:13 LOG5[3744:3940]: Service smb connected remote server from 192.168.3.4:50005
2012.03.19 13:47:43 LOG3[3744:3940]: readsocket: Connection reset by peer (WSAECONNRESET) (10054)
2012.03.19 13:47:43 LOG5[3744:3940]: Connection reset: 143 bytes sent to SSL, 0 bytes sent to socket

No logs on PCB


It seems that the SSL connection doesn't cross firewall B; otherwise I
would see logs in the stunnel.log of PCB, wouldn't I?
What can I do better to make this setup work? Is the port forwarding on
firewall B blocking the process?

Best regards

Philippe




