access internal SMB server
Cesar
Newbie ✭
Hi all,
I have an apparently easy configuration but I cannot make it work. I have a samba server in the internal network (X0) and I want to access it from the WAN (X1) interface.
The only unusual thing is that the firewall is protecting a porting of a LAN this is, X1 is connected to an internal network.
X1 is 10.10.3.141
X0 is 10.20.3.141
samba server is 10.20.3.110
I want to access smb server from a computer in LAN 10.10.3.x
these are the address objects
this is the NAT rule:
In the PC I try to reach the SMB server by typing on windows explorer:
\\10.10.3.110
It never reaches destination. What am I doing wrong?
Best Answers
-
CORRECT ANSWER
shiprasahu93
Moderator
Hello @Cesar,
Welcome to SonicWall community.
So, you have a private address on the X1 interface and would like to use X1 IP to reach the internal samba server with IP: 10.20.3.110.
First of all I would suggest creating an inbound NAT policy and WAN to LAN access rule as below for the X1 IP instead of the dummy address used:
NAT policy:
Original source: Any
Translated source: Original
Original destination: 10.10.3.141
Translated destination: 10.20.3.110
Original service: SMB
Translated service: Any
Inbound interface: X1
Outbound interface: Any
Access rule:
Source: Any
Destination: 10.10.3.141
Service: SMB
Action: Allow
Use \\10.10.3.141 on the browser and then test it out.
Let me know how it goes.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
5 -
CORRECT ANSWERshiprasahu93
Moderator
That's my bad. This is straight forward for other services like HTTP and RDP but looks like will not work for SMB. The syntax itself will not be accepted for SMB.
You can use the dummy IP as before and use SMB itself as the original service. Additionally, please add the following static ARP entry so that the dummy IP(mention the actual IP you want to use) is bound to X1 interface.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
1
Answers
Thanks a lot @shiprasahu93.
What if I have two samba servers? I have actually two computers in X0 (LAN) interface. Your solution is perfect for a single SMB server (working now), but how can I do with the second server? This second server is a windows10 sharing some disks.
Thanks in advance!
@Cesar,
You can try a Port address translation for the second server. Here will be changes.
Choose a custom port that can be used from outside like TCP 4444.
NAT policy:
Original source: Any
Translated source: Original
Original destination: 10.10.3.141
Translated destination: Second Samba server
Original service: TCP 4444
Translated service: SMB
Inbound interface: X1
Outbound interface: Any
Access rule:
Source: Any
Destination: 10.10.3.141
Service: TCP 4444
Action: Allow
Use \\10.10.3.141:4444 on the browser and then test it out.
Let me know if that works out. Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi @shiprasahu93 ,
the original samba server keeps working fine but I cannot make the second one work. PC's Windows Explorar cannot find the "specified destination".
My suggestion is you could do "no nat" between PC and SMB servers.
"no nat" rule between them and ACL permitting SMB traffic.
It worked perfectly smooth. Thank you @shiprasahu93
thank you @SEBASTIAN , it worked with @shiprasahu93 config. I'll give yours a try to see if it is easier.
Best