Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

access internal SMB server

Hi all,

I have an apparently easy configuration but I cannot make it work. I have a samba server in the internal network (X0) and I want to access it from the WAN (X1) interface.

The only unusual thing is that the firewall is protecting a porting of a LAN this is, X1 is connected to an internal network.

X1 is 10.10.3.141

X0 is 10.20.3.141

samba server is 10.20.3.110

I want to access smb server from a computer in LAN 10.10.3.x

these are the address objects

this is the NAT rule:

In the PC I try to reach the SMB server by typing on windows explorer:

\\10.10.3.110

It never reaches destination. What am I doing wrong?

Category: Entry Level Firewalls
Reply

Best Answers

  • CORRECT ANSWER
    shiprasahu93shiprasahu93 Moderator
    Accepted Answer

    @Cesar,

    That's my bad. This is straight forward for other services like HTTP and RDP but looks like will not work for SMB. The syntax itself will not be accepted for SMB.

    You can use the dummy IP as before and use SMB itself as the original service. Additionally, please add the following static ARP entry so that the dummy IP(mention the actual IP you want to use) is bound to X1 interface.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Answers

  • CesarCesar Newbie ✭

    Thanks a lot @shiprasahu93.

    What if I have two samba servers? I have actually two computers in X0 (LAN) interface. Your solution is perfect for a single SMB server (working now), but how can I do with the second server? This second server is a windows10 sharing some disks.

    Thanks in advance!

  • @Cesar,

    You can try a Port address translation for the second server. Here will be changes.

    Choose a custom port that can be used from outside like TCP 4444.

    NAT policy:

    Original source: Any

    Translated source: Original

    Original destination: 10.10.3.141

    Translated destination: Second Samba server

    Original service: TCP 4444

    Translated service: SMB

    Inbound interface: X1

    Outbound interface: Any

    Access rule:

    Source: Any

    Destination: 10.10.3.141

    Service: TCP 4444

    Action: Allow

    Use \\10.10.3.141:4444 on the browser and then test it out.

    Let me know if that works out. Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • CesarCesar Newbie ✭

    Hi @shiprasahu93 ,

    the original samba server keeps working fine but I cannot make the second one work. PC's Windows Explorar cannot find the "specified destination".

  • My suggestion is you could do "no nat" between PC and SMB servers.

    "no nat" rule between them and ACL permitting SMB traffic.

  • CesarCesar Newbie ✭

    It worked perfectly smooth. Thank you @shiprasahu93

  • CesarCesar Newbie ✭

    thank you @SEBASTIAN , it worked with @shiprasahu93 config. I'll give yours a try to see if it is easier.

    Best

Sign In or Register to comment.