New
#1
OpenVPN is public network and access to SMB share doesn't work
Hello, i still didn't found solution for this.
I have some Linux servers with latest versions of OpenVPN and some OpenVPN clients. OpenVPN works just fine, access from Linux or Windows 7 clients too. There is no problem. I am very sure Samba, firewall and OpenVPN server are configured correctly.
Problem is with Windows 10 and i am not sure when it started, maybe after some last update. I don't know.
Problem is - the network through virtual network adapter "TAP-Windows Adapter V9" is always identified as public and there is no user accessible option how i can configure it as private network.
I found command for powershell in this thread (Set Network Location to Private or Public in Windows 10 | Windows 10 Tutorials), but it doesn't help permanently and it doesn't enable access to SMB share anyway. I can even reconfigure all unknown networks in secpol.msc as private, which i believe is very insecure behavior, but for testing i tried it. It didn't help either.
I have for testing two notebooks and one virtual installation (QEMU). On one notebook access to Samba share works just fine, on virtual and second notebook it does't. It is same OpenVPN, same key for notebooks (why not if they are not connected at a same time) and different key for virtual.
I am using OpenVPN GUI, which is running as W10 service under system priviledges. I have set DNS and route by push parameters in OpenVPN config on server, i have propper server key verification. There is no warning in OpenVPN log.
When access to the SMB share doesn't work, W10 displays error message "0x80004005" which i beleive means it is blocked by local W10 firewall, because "Network discovery" is disabled for public networks.
In one case i tried explicitly allow all trafic from and to the IPv4 address of my server in VPN for all protocols. It didn't help either.
On virtual is no additional firewall/antivirus. On one of notebooks, which does'n work, is installed AVG, but without firewall module.
Question is
- how i can override this behavior?
- how i can tell W10, my OpenVPN network is safe and private?
- how i can do more diagnostics? Wireshark? What i should investigate?