Newbie: Simple install kills windows 7 shares. Windows 2000 machines will work.
-
Hello… This is my first post... Still finding my way around...
I just installed pfSense 2.0 on a hard drive. My network is simple. I have a cable modem from Comcast connected to the WAN side and I have a "single" flat (no subnets) network on the LAN side. My network consists of Windows 7 PCs and a couple of Windows 2000 PCs. When I replaced my old Cisco PIX firewall/router with pfSense all of the shares went offline. I tried to remount the shares via an IP address but it failed. It would just hang... I unplug the pfsense and it connects.
I read the forums for about an hour and did not see anything that would address this. I "am" able to connect from a Windows 7 PC to a share on a Windows 2000 PC but not Visa-Versa when the pfsense box is connected.
I went over the configuration of pfSense in the Web interface to see if there was anything obvious that I missed but didn't find anything. I did-not-change-anything from the default configuration except the fact of adding the IP addresses for the WAN and LAN interfaces. What gives? I should not be even going through the firewall for local communications on the same network.
I thought at first that maybe there was something running on the Cisco PIX box but everything works if it is connected or not?
Any thoughts?
Thanks!
Darius
-
It might be related to the local domain suffix the dhcp on the pfsense is pushing to your clients.
Per default is/was (on 1.2.3) .local.Try changing that to something different. (general settings, the domain)
I know that a least OSX based deviced show strange behaviour when the dhcp assigns the .local suffix.
Possible that newer windows versions have the same problem.
As i've read is has something to do with mDNS, although i dont know the details. -
Try accessing the shares by IP address. Maybe you have a DNS issue.
-
Thanks for the replies Fellas…
Found out what was happening....
I originally tried pfSense followed by M0n0wall and some others. I was experiencing the same issues. I did try to connect to by using an IP address but it would just lay there and look at me.
I dug deeper by looking into the firewall logs of one of the servers providing shares and found that it was complaining about connection attempts from ports 137-139 (Old Windows 2000 and XP PCs) and also port 445 from the Win 7 boxes. 445? I had to look that one up. It seems that this port (Discovery Server Port) is the replacement for the old NetBIOS ports 137-139. I allowed port 445 on the file server and I was able to connect a share by name. Cool.... But not finished.
Now when you try to connect to a share you cannot see the rest of the network. You have to go into:
Control_panel --> Network and Sharing Center --> Change Advanced sharing settings
and enable "Turn on Network Discovery". This allowed me to see all of the other members of my group.
The Firewall is working well. I upgraded all of the Win 7 boxes to Service Pack 1 to give the firewall/gateway a workout and it was not even sweating (2.8GHz, 512MB, 80GB, w/2 100mb links). I have a 22Mb/s down and 5Mb/s up Comcast link so everything went real fast.
One other note.... If any of you are reading this and still have trouble with XP and 2000 connecting then go to the PC that is providing the share and go into that PC's firewall software and tell it to specifically allow your PC (by IP Address) to use ports 137-139. I did this with McAfee and it worked.
Why all of this broke when I put pfsense online still baffles me. I was still on the same LAN so pfsense should have not been involved. When pfsense was disconnected everything worked without any modifications. Most peculiar.
Thanks again for your help!!!!
Darius
