none
Server 2012 R2 sends TCP RST in response to SMB2_SESSION_SETUP Request RRS feed

  • Question

  • We currently support SMBv1 based Authentication for EAP-MSCHAP2 support on a RADIUS Server and now looking to migrate to SMBv2.

    I'm able to successfully negotiate with dialect 0x0202 and when I send a SMB2_SESSION_SETUP request, I see a TCP-RST from the 2012 Server and no response.

    There's no response either success/failure and hence not able to identify if there's anything wrong in my request. I'm using KRB5 based buffer. I don't see any errors in the event viewer as well on the Server. 

    Friday, June 16, 2017 11:57 PM

Answers

  •  

    Hi PrativadiK,

    Thank you for contacting the Microsoft Open Specifications forum.   For the issue, a root cause of the closure is in the session setup.  Here is what to check:

    https://msdn.microsoft.com/en-us/library/cc246563.aspx

    SecurityMode (1 byte): The security mode field specifies whether SMB signing is enabled or required at the client. This field MUST be constructed using the following values.

         
      

    Value

      
      

    Meaning

      

    SMB2_NEGOTIATE_SIGNING_ENABLED

    0x01

    When set, indicates that security signatures are   enabled on the client. The client MUST set this bit if the   SMB2_NEGOTIATE_SIGNING_REQUIRED bit is not set, and MUST NOT set this bit if   the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is set. The server MUST ignore this   bit.

    SMB2_NEGOTIATE_SIGNING_REQUIRED

    0x02

    When set, indicates that security signatures are   required by the client.

    If you do see the issue still, please send the network trace to us at DocHelp@microsoft.com to my attention.

    Thanks,

    Nathan

    Wednesday, June 21, 2017 5:03 PM
    Moderator

All replies

  • Hi PrativadiK,

    Thank you for contacting the Microsoft Open Specifications forum.  We have received the request and reviewing further.  Someone from the team will be in touch to assist. 

    Thanks,

    Nathan

    Saturday, June 17, 2017 3:19 AM
    Moderator
  •  

    Hi PrativadiK,

    Thank you for contacting the Microsoft Open Specifications forum.   For the issue, a root cause of the closure is in the session setup.  Here is what to check:

    https://msdn.microsoft.com/en-us/library/cc246563.aspx

    SecurityMode (1 byte): The security mode field specifies whether SMB signing is enabled or required at the client. This field MUST be constructed using the following values.

         
      

    Value

      
      

    Meaning

      

    SMB2_NEGOTIATE_SIGNING_ENABLED

    0x01

    When set, indicates that security signatures are   enabled on the client. The client MUST set this bit if the   SMB2_NEGOTIATE_SIGNING_REQUIRED bit is not set, and MUST NOT set this bit if   the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is set. The server MUST ignore this   bit.

    SMB2_NEGOTIATE_SIGNING_REQUIRED

    0x02

    When set, indicates that security signatures are   required by the client.

    If you do see the issue still, please send the network trace to us at DocHelp@microsoft.com to my attention.

    Thanks,

    Nathan

    Wednesday, June 21, 2017 5:03 PM
    Moderator