pfSense Gold Subscription

Author Topic: windows file share in DMZ  (Read 199 times)

0 Members and 1 Guest are viewing this topic.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
windows file share in DMZ
« on: December 05, 2017, 09:38:07 am »
Good Day people

I have
WAN:x.x.x.0/26
LAN: 192.168.0.0/20
DMZ: 192.168.18.0/24

There are a few devices, servers and NAS in the DMZ and they all have the same rules at the moment in the DMZ interface.
I have web access from the LAN to both NAS and windows servers, and RDP to Windows Servers. Also for the file share on \\NAS-1\ShareName I have access from the LAN also if I use the NAS IP \\192.168.18.x\.

My problem is that I can not access the windows shared folder.. not with\\WinSeverName\ nor with \\192.168.18.x <IP Addresss>.

All ports seem to be open for all protocols IP*

What I am missing here?

Thanks

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #1 on: December 05, 2017, 11:40:11 am »
If they are all on the same LAN segment then I would suggest looking at the machine itself, i.e. go to the advanced sharing options on the server and check there.

The only time I have had problems with Windows, well as far as sharing goes, I've had lots of other problems, is when the something in the sharing options was not configured correctly.
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: windows file share in DMZ
« Reply #2 on: December 05, 2017, 11:58:08 am »
Probably the Windows firewall.  I think it's set to block traffic from outside the local subnet.  Disable it and see if that helps.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: windows file share in DMZ
« Reply #3 on: December 05, 2017, 01:50:00 pm »
@KOM, the windows firewall is turned off... the only FW is pfSense and that has IP* open to and from the LAN

@marjohn56, they are on different subnets and all other services work to and from them  but the file share.

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #4 on: December 05, 2017, 01:54:01 pm »
What is the IP and mask of the offending device and the same info from the machine trying to connect to it?
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #5 on: December 05, 2017, 01:56:35 pm »
Also forgot to ask, the file server is running what Windows OS, and the same question for the client machine?

Just trying to build a full picture.
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: windows file share in DMZ
« Reply #6 on: December 05, 2017, 02:04:03 pm »
Look at your firewall log and see what is being explicitly blocked and work backwards from there.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: windows file share in DMZ
« Reply #7 on: December 05, 2017, 02:33:38 pm »
 @marjohn56
LAN side IP 192.168.1.90 (Win 10 Pro)
DMZ side IP 192.168.18.203 (Win 2012 R2)

@KOM
That is just it, nothing is being blocked. For example, the file share on the NAS (192.168.18.202) can be connected to from Win 10 (192.168.1.90).

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #8 on: December 05, 2017, 02:43:06 pm »
And you can RDP to the server from the client?

Can you try creating a share on the client, then connect to it from the server, then try the server from the client again if that works.
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: windows file share in DMZ
« Reply #9 on: December 06, 2017, 01:18:32 am »
I am able to RDP to the Windows 2012R2 machine from the Windows 10 machine and the other way around as well....
Can not connect to shares in either direction.

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #10 on: December 06, 2017, 01:28:58 am »
I have had this issue in the past, drives you nuts.

Here's a thread with lots of users suffering from the same issue and many different 'fixes'.

https://community.spiceworks.com/topic/1162811-windows-10-can-t-access-network-shares
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: windows file share in DMZ
« Reply #11 on: December 07, 2017, 02:20:45 am »
@marjohn56 sorry to say, but I tried all that was talked about it the link you sent, although I don't think it is applicable to my topology....  thanks for trying to help.
I am still looking for a solution.

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #12 on: December 07, 2017, 02:28:23 am »
I doubt it's anything to do with the network.
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline marjohn56

  • Sr. Member
  • ****
  • Posts: 526
  • Karma: +51/-2
    • View Profile
Re: windows file share in DMZ
« Reply #13 on: December 07, 2017, 02:30:55 am »
@marjohn56 sorry to say, but I tried all that was talked about it the link you sent, although I don't think it is applicable to my topology....  thanks for trying to help.
I am still looking for a solution.

Can you do a little schematic of the Network.
pfSense 2.4.3 on Qotom Q355G4 or APU2C4 - Billion 8800NL (bridge) - ISP Zen U.K.
Please do not PM me for help. I have a life to live too.

Offline kuberan

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: windows file share in DMZ
« Reply #14 on: December 07, 2017, 10:28:42 am »
Hope this helps....
192.168.18.201 and 192.168.18.203 can see each other's shares

From 192.168.1.90 I can see the shares on 192.168.18.201
From 192.168.1.90 I can RDP to 192.168.18.203 but the problem is connecting or seeing any shares (\\192.168.18.203)