David Herselman

R80.10 Mobile Access - File Share

Discussion created by David Herselman on Sep 10, 2018
Latest reply on Sep 13, 2018 by Hugo van der Kooij

I configured a file share following the Mobile Access R80.10 Administration Guide (Mobile Access Applications).


When logging in to the SSLVPN portal I'm presented with the following:


If I enter '\\unix-01\public' it denies access:


If I however enter '\\\public' it works perfectly...



Mobile Access name resolution for the gateway is configured:


Running a tcpdump on (Samba AD Server) shows the DNS query being answered, with no other connections arriving:

[davidh@unix-01 ~]# tcpdump -i eth0 host -nn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
05:45:02.597653 IP > 38186+ A? unix-01.lair.co.za. (36)
05:45:02.598026 IP > 38186* 1/2/2 A (120)

2 packets captured
2 packets received by filter
0 packets dropped by kernel


Mobile Access log is generated:



Legacy Mobile Access policy should be allowing anything and everything:



Other observations:

  • Not sure why it resolves unix-01.lair.co.za when the Mobile Access name resolution is configured for a domain of 'ad.lair.co.za' but both unix-01.lair.co.za and unix-01.ad.lair.co.za resolve to when querying or
  • Accessing the UNC path using an IP (\\\public) results in nothing being logged anywhere.
  • Access deny rule record contains the share name twice, as shown above.