Samba Traffic Getting Blocked

qwazi

Hello,

I've tried to alter the current System rules for Samba traffic, and I tried creating new ones. No matter what I do I can't connect to any of my network drives using Samba traffic. If I turn off the firewall it connects just fine, but when it's turned on it blocks it and I don't get any popup to allow it either.

I'm trying to use \\networkaddr in Windows and I wish to use map network drive. Could anyone please give me a hint on how I should get this working? I've tried creating a rule for System applications that allow pretty much everything but to no avail. I turned off the firewall and looked at the activity. What I got was a System activity as:

Localhost:port => remoteaddress:SMB

The Localhost port wasn't a typical Samba port so I tried creating a custom rule that allowed any port from local host as long as the remote was SMB traffic, but that didn't work either.

Unknown

Here's a few things that you can try:

- in Firewall - Network - try setting the Trust Level to "Trusted Local" and Stealth to "No";

- then in the Zones part of the window click on the "+" and add the IP address of the machine where you have the network drive - set the new rule to "Allow"

Please tell me if there were any improvements after using these settings.

qwazi

Here's a few things that you can try:

- in Firewall - Network - try setting the Trust Level to "Trusted Local" and Stealth to "No";

- then in the Zones part of the window click on the "+" and add the IP address of the machine where you have the network drive - set the new rule to "Allow"

Please tell me if there were any improvements after using these settings.

No improvement

Unknown

I'm going to create a ticket in the support database on your behalf and send you an e-mail requesting some logs from the machine in order to further troubleshoot this issue.

qwazi

Solved.

There were two problems.

1. A Kerberos call was blocked. Opening the appropriate port for the lsass application solved that problem.

2. In my previous attempts to create a rule I wrote SMB as permitted ports. The SMB "variable" includes port 445, but my Samba share also utilizes ports 137-139 (which are also Samba ports). After I added ports 137-139 to the rule it worked nicely.

Thanks for the assistance.