locked
File sharing behind firewall RRS feed

  • Question

  • Hi all,
    My company has set up firewall policy for security propose.  But now,
    some of the share folders between servers got problem. We already grant the access with port 139 for file sharing

    e.g. serverA access serverB share folder
    in Explorer of serverA, i simply type \\serverB
    It can't locate serverB
    If I use \\serverB.domain.com
    it succeeds! 

    Moreover, it works on another server without append the domain in serverA

     

    Kindly advise.  Thanks a lot.

     

    Thursday, November 15, 2007 10:31 AM

All replies

  •  

    Using \\serverB.domain.com bypasses NetBIOS name resolution as serverB.domain.com is a domain name and as such is resolved via DNS, not NetBIOS.  \\serverB is a NetBIOS name and as such uses the NetBIOS name resolution protocol, which uses UDP port 137.  TCP port 139 is for NetBIOS session services and UDP port 138 is for NetBIOS datagram services.  If you want to be able to share folders between your servers and refer to the servers via NetBIOS names (instead of DNS names such as serverB.domain.com) then you will require firewall exceptions for UDP port 137, UDP port 138 and TCP port 139 be configured between all your servers.  Enabling TCP port 139 only will all folder sharing using either \\<ip-address>\share or \\<FQDN>\share but not \\<NetBIOS-name>\share as you have seen.  Do you have firewall exceptions for all three of these ports?

     

    -Eliot

    Friday, November 16, 2007 2:15 AM