Re: [Samba] getent not working after installing firewall
- Date: Tue, 5 Mar 2019 10:44:53 +0100
- From: Peter Milesson via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] getent not working after installing firewall
On 05.03.2019 10:03, L.P.H. van Belle via samba wrote:
Chipping in here.
You are right about firewall boxes. At least Cisco ASA is a terribly
(over) complicated device. People who are not Cisco pros should be
warned. Stay away, you will just waste your time, get frustrated, and
get sleepless nights.
I don't blame the Cisco ASA here. In my case, I hadn't much
management wants network connection with Apple stuff. The only
reasonable solution I found was Cisco AnyConnect. Just
recently, I found
that OpenVPN works with Apple devices at the moment (no guarantee for
the future, seems to be an on/off type relationship between Apple and
OpenVPN). So I've ordered a Linux based router/firewall with
replace the Cisco stuff. Hope the ON-relationship stays for
the next few
I totaly get this.. I "also" did have 1 Cisco ASA, but, after 1 year, i removed it and put in shelve.
Why, yes, the Cisco has a great future set, but for every future you need get set contracts.
And I dont like all the Cisco contracts, (and backdoors...)
After 1 year, i could not even get a new firmware, because i did not have a support contract.
... WHAT.. No firmware because i dont want a support contract.. Hell no.. so bye bye cisco..
Never ever ever a Cisco for me..
If you want simple but good, look at draytek. More advanced, juniper, opensouce pfsence
What you want is Strongswan + openvpn.
I've a strongswan roadwarrior setup, compatible with win7-10/IOS/Android use strongswan app
All the client OS are native supporting the vpn setup.
And openvpn as backup, for network not supporting ipsec passthrough.
Or, install pfsence, does the same as the cisco and probley more.
You want apple stuff.. Install avahi on every server, samba/cups etc, should work out of the box.
Airprinting through cups works fine here, that needs some work, but im running it about 2 years now.
If you want info about above just pm me, no problem.
Thanks for you kind offer! I totally concur with your opinion about Cisco.
I needed something really simple for the iOS, and at the moment of
choice, there was only Cisco AnyConnect that fulfilled the criteria.
Presently, I have already replaced AnyConnect with OpenVPN, just routing
it through the ASA to a couple of internal OpenVPN servers. The
management don't do fancy stuff like printing (:-o) it's just about
I had a look at Draytek, looks good, but the distribution here in
Czechia seems to be very patchy. At the moment my needs are quite
simple, just routing, standard firewalling, NATing, and VPN. I have an
old PC/router with Linux and iptables laying around, but I need more
than 6 ethernet ports, which makes a commercial router the only
reasonable choice. A bit off topic ;-)
To unsubscribe from this list go to the following URL and read the