Unable to Telnet Azure Storage File Share (SMB) on port 445

Abhi

Hello,

We are using TZ370 and I have a created a SMB file share on Azure. Now, I am unable to connect to that Azure File share behind the firewall from my office system. Can someone help me to allow SMB 445 on TZ370 firewall. I checked the LAN-->WAN rule and everything is allowed. Thanks and I would appreciate your help!

TKWITS

Are you sure the firewall is blocking it? Have you run a packet capture?

Abhi

Hello TKWITS,

Thanks for your reply! I did it. Please check the snip for the same:-

TKWITS

The packet capture shows that the packet was forwarded...

Abhi

Yes, I am able to connect to the Azure FileShare from my home or if I'll connect my system to the internet via my cellphone hotspot, it connects too. But not from the office Network.

jtpryan

I am having the same issue. Can somebody explain clearly how this rule should be set up? Maybe a screenshot?

TKWITS

The default LAN to WAN IPv4 rule allows traffic from any source to any destination on any port. If you have disabled the default rule you will have to create a rule as follows (note assumptions are made, this is not intended to define your ruleset but provide guidance):

Source Zone: LAN

Source Address: Any

Source port: Any

Destination Zone: WAN

Destination Address: Any (or your Azure IP)

Destination port: (a Service Object for TCP port 445)

There are security considerations to be taken into account.

See also: https://support.microsoft.com/en-us/topic/preventing-smb-traffic-from-lateral-connections-and-entering-or-leaving-the-network-c0541db7-2244-0dce-18fd-14a3ddeb282a