NetBios ports and SMB
-
Hello fellow Netgate community members can you please help,
I finally got to test accessing my Netgate 2100 max firewall VPN while I was visiting family back east. It worked amazing. I was able to access my NAS and send photos to it. I noticed that when I use the VPN the connection seems to want to use NetBios ports, I only have SMB port open and approved destination, and approved source IP addressing. Is NetBios required? I have lots of logs that show NetBios ports being blocked, however my SMB ports worked great. I did have some slow downs. So what is recommended in this situation, I have read many cyber security blogs that state disable NetBios. What ports should be open? Only SMB or SMB and NetBios?
The VPN accesses my private NAS and, it just shows many of the logs wanting to utilize NetBios when connected, should that be open for SMB?
The connection goes from iPhone into my static IP
-
@JonathanLee Not exactly sure what your wanting to accomplish to be honest, most of the internet will block 445 anyway along with the netbios ports.. That you could make a non tunneled connection from some IP out on the internet to IP would be rare..
The old netbios ports 137-139 have no use currently with current versions of SMB... But depending on your client it could still be trying to use the old netbios stuff.. So yeah that could be blocked in a firewall sure. Or might show up in a log..
But any modern implementation of SMB would not need these ports to function.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz I am using the openVPN to get to the NAS with the tunnel. It works, I am impressed, that is a huge distance. There is lots of logs showing the thing wanting to use older netbios that I intentionally have blocked. Again all inside the encrypted tunnel.
-
@johnpoz thanks for your help with understanding why it wants netbios
