Windows – How to mount a samba share on non-standard port

cifsnetworkingsambasmbwindows

The firewall on my network drops all packets on TCP port 139 and 445. So all samba shares don't work outside the LAN.

I tried letting the samba daemon listen on a non-standard port. This method works well for linux, because both smbclient and smbmount has an option to set server port. But on windows I cannot find a similar option.

Does Windows support mounting smb shares on non-standard ports? Third-party softwares are also acceptable.

Edit:

\\hostname:port\share in Windows explorer doesn't work. Strangely, I can see the connection is established on the server. But Windows keeps telling me that the server couldn't be reached. It doesn't work even in LAN with standard port 445, in which case a path without port number will get through.

Best Answer

Unfortunately, it is not possible as windows does only support ports 445 and 139

You might be able to use ssh tunneling. Here is a reference using windows and linux: https://www.ocf.berkeley.edu/~xuanluo/sshproxywin.html

Related Solutions

Windows 10 64 domain computer cannot access Linux (Raspberry Pi3) samba share

It could be that your Windows 10 client is now trying to implicitly authenticate using DOMAIN\username when you try to access the share.

Does the Raspberry Pi3 have a hostname/NETBIOS name in the samba configuration (under the global config section)? If so, you could try specifying SAMBA_NETBIOSNAME\username when you try to authenticate to access the share.

UPDATE:
Based on the config you provided I would suggest adding netbios name = pi3 or something to that effect and then trying to sign in with pi3\username.

You might also try playing with some of the other authentication settings found in the documentation for SAMBA. Note that you'll probably have to restart the samba daemon after making changes to the config.

For example, you might try adding auth methods = guest sam winbind noting that guest allows anonymous access. That way you could isolate the problem between a configuration problem and an authentication problem (assuming anonymous access would be used when you can't authenticate - I'm rusty on my SAMBA skills).

In other words, as long as you can get in with guest enabled then we know at least the v1,2,3 piece is working and you can focus on the authentication settings. Once you've finally got the settings working for non-guest access you should remove the guest access to prevent unauthorized access to your share(s).

I'd also consider adding settings to force the ntlm auth, lanman auth, server schannel, and server signing settings to mirror the settings in your Windows client.

To check the equivalent Windows settings, run "secpol.msc" and check the settings under:

Security Settings
  Local Polices
    Security Options
      - Microsoft network client: *
      - Network security: *

Microsoft network client: Digitally encrypt or sign secure channel data (always)
Microsoft network client: Digitally encrypt secure channel data (when possible)
Microsoft network client: Digitally sign secure channel data (when possible)

These settings dictate what the server schannel and server signing settings should be in your samba config.

Network security: LAN Manager authentication level

This setting dictates what the ntlm auth and lanman auth settings should be in your samba config.

For example, Send NTLMv2 response only. Refuse LM & NTLM in your Windows settings is equivalent to ntlm auth = no and lanman auth = no in your samba config.

NOTE: I don't recommend changing your Windows settings unless you're comfortable troubleshooting authentication issues with the domain afterwards.

Windows – Samba share across two subnets

remote announce=192.168.11.255/WORKGROUP 192.168.51.255 192.168.255.255/WORKGROUP

Best Answer

Related Solutions

Windows 10 64 domain computer cannot access Linux (Raspberry Pi3) samba share

Windows – Samba share across two subnets

Related Question