Connect to Samba Shared Folder via Public IP Address

November 20, 2018 2.1k views
DigitalOcean Ubuntu 16.04

I just recently setup a Ubuntu 16.04 server on DigitalOcean and installed a few packages including Samba. The server is going to be used to host a website with Nginx, so I wanted to be able to drag and drop files into a shared folder from my Windows 10 machine. I did this on a local private server and it worked with no issues.

I have setup the Samba server the same way as I did the private server but I cannot setup a network connection to the share. I am trying to use the server’s public IP address to connect. This may not be the best way, but I am just getting started with the server and wanted to see if this is a possibility. So my first question, is it possible to access the Samba File shares via the public IP address of my Ubuntu Server?

I have several other applications, including Webmin and Shell In A Box working, so I know that I can connect to the server with it’s public IP address.

Here is what I have checked to make sure that nothing is being block. First I checked the smb.conf and also checked the file with testparm. An error did come back that the netbios name was too long, so I added a netbios name that fit the correct number of characters. Everything else was ok. Below the rest of the information about what I checked is my smb.conf.

I then checked the Firewall and below the conf file is the output of my firewall settings. Bare in mind that where it says <my ip address> this is the IP address of my network so that all internal individuals can access the server. We are a small company, so I allow everyone to access the server. The actual IP address was removed for privacy reasons.

Lastly I checked netstat to see if the server was listening on the ports and the last entry is the results.

Is there anything else I need to check if this will work or anything below that looks incorrect?

smb.conf:

[global]
socket options = TCP_NODELAY
obey pam restrictions = yes
server role = standalone server
dns proxy = no
log file = /var/log/samba/log.%m
workgroup = WORKGROUP
socket address = 0.0.0.0
map to guest = bad user
passwd program = /usr/bin/passwd %u
passdb backend = tdbsam
netbios name = MyServer
syslog = 0
panic action = /usr/share/samba/panic-action %d
max log size = 1000
server string = %h server (Samba, Ubuntu)
unix password sync = yes
pam password change = yes
usershare allow guests = yes
passwd chat = Enter\snew\s\spassword:* %n\n Retype\snew\s\spassword:* %n\n password\supdated\ssuccessfully .

[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no

[share]
writeable = yes
path = /var/www/html
write list = user1,user2
valid users = user1,user2
delete readonly = yes
directory mode = 777
create mode = 777

ufw status

To Action From


4200 ALLOW IN Anywhere

445 ALLOW IN Anywhere

22 ALLOW IN Anywhere

80 ALLOW IN Anywhere

443 ALLOW IN Anywhere

80,443/tcp ALLOW IN Anywhere

137,138/udp (Samba) ALLOW IN Anywhere

139,445/tcp (Samba) ALLOW IN Anywhere

Anywhere ALLOW IN <my network IP address>

4200 (v6) ALLOW IN Anywhere (v6)

445 (v6) ALLOW IN Anywhere (v6)

22 (v6) ALLOW IN Anywhere (v6)

80 (v6) ALLOW IN Anywhere (v6)

443 (v6) ALLOW IN Anywhere (v6)

80,443/tcp (v6) ALLOW IN Anywhere (v6)

137,138/udp (Samba (v6)) ALLOW IN Anywhere (v6)

139,445/tcp (Samba (v6)) ALLOW IN Anywhere (v6)

Netstat

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 0.0.0.0:4200 0.0.0.0:* LISTEN 1721/shellinaboxd

tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1565/mysqld

tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 19361/smbd

tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1808/perl

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1651/nginx -g daemo

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1587/sshd

tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1651/nginx -g daemo

tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 19361/smbd

tcp6 0 0 :::139 :::* LISTEN 19361/smbd

tcp6 0 0 :::80 :::* LISTEN 1651/nginx -g daemo

tcp6 0 0 :::22 :::* LISTEN 1587/sshd

tcp6 0 0 :::443 :::* LISTEN 1651/nginx -g daemo

tcp6 0 0 :::445 :::* LISTEN 19361/smbd

udp 0 0 0.0.0.0:10000 0.0.0.0:* 1808/perl

udp 0 0 10.<rest of internal ip>:137 0.0.0.0:* 19420/nmbd

udp 0 0 10.<rest of internal ip>:137 0.0.0.0:* 19420/nmbd

udp 0 0 142.<Public IP>:137 0.0.0.0:* 19420/nmbd

udp 0 0 142.<Public IP>:137 0.0.0.0:* 19420/nmbd

udp 0 0 0.0.0.0:137 0.0.0.0:* 19420/nmbd

udp 0 0 10.<rest of internal ip>:138 0.0.0.0:* 19420/nmbd

udp 0 0 10.<rest of internal ip>:138 0.0.0.0:* 19420/nmbd

udp 0 0 142.<Public IP>:138 0.0.0.0:* 19420/nmbd

udp 0 0 142.<Public IP>:138 0.0.0.0:* 19420/nmbd

udp 0 0 0.0.0.0:138 0.0.0.0:* 19420/nmbd

1 Answer
djw November 26, 2018
Accepted Answer

I know that your question was relating to Samba specifically, but you mentioned you were just getting started - so was there a specific reason to use that method for transferring files?

If not, then I’d recommend instead using WinSCP to transfer files to your server as that will still allow you the same drag-and-drop mechanism but instead it will use SCP/SFTP to transfer files to the server which will provide you better performance and security as the transfer would utilise an SSH connection instead and requires no additional setup (just provide the server IP, username and password or SSH private key).

  • Thank you for your answer. It’s funny, I actually abandoned Samba shortly after this post and went with FileZilla as my solution. It also supports SSH as well. It was definitely a lot easier than Samba.

    Thank you

Have another answer? Share your knowledge.