Inter-VLAN Problem on Windows File sharing

Unanswered Question
Feb 22nd, 2007

Hi,

Im using 3750 L3 switch and 2950 L2 Switch. I've configured 12 VLANs and configured inter-VLAN. But there has been a problem with file sharing on windows. I can ping the machine on different VLANs and i can also run some application like remote desktop connections. But file sharing is failing. Pls help. thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
purohit_810 Thu, 02/22/2007 - 19:50

Hi,

That is not Inter Vlan problem.

It is problem with widows file sharing.

Wich operating systems are you using?

Regards,

Dharmesh Purohit

eabonalla Thu, 02/22/2007 - 19:54

sorry i forgot to mention than inside the same VLAN file sharing works fine. it is just when on different VLAN that file sharing fails. we are using windows xp with SP2. thanks

Danilo Dy Thu, 02/22/2007 - 20:28

Are all hosts windows xp sp2?

What are the protocols and client installed and activated? i.e. Netbeui, File and printing sharing for microsoft network, client for microsoft networks.

eabonalla Thu, 02/22/2007 - 21:08

clients for microsoft networks

file and printer sharing for microsoft network

qos for packet sheduler

and internet protocol(tcp/ip)

thotsaphon Thu, 02/22/2007 - 22:33

Hi Estelito.

When you use files sharing you use name or ip address for that please verify by this procedure

** ip address **

\\ip address of a pc on another vlan which you want to do share

work???

** Name **

\\name of pc on another vlan which you want to do share

if it work I think your dns can solve this name.

If not please verify your dns.

In case of same vlan I think It may be solve the name by net-bios.

HTH

eabonalla Thu, 02/22/2007 - 23:01

i have a good DNS and even installed WINS. i can resolve names or vice versa.

\\ip address or \\name

it will always give me an error:

"The network path was not found"

but i can ping by either ip address or name.

and i can also run some applications. thanks

thotsaphon Thu, 02/22/2007 - 23:45

Do you have ACL on interface vlans?

If you have you can do permit TCP 445 for verifing this problem.

HTH

eabonalla Fri, 02/23/2007 - 00:02

i didnt put acl. ive also forced every computer to open port 445 just in case. but nothing works. im thinking, could it be ARP problem or reverse ARP problem?

Danilo Dy Thu, 02/22/2007 - 23:57

Can you post your L3 switch config (remove confidential information like username/password, change the first and second octet of public ip address to xxx.yyy)

I suspect you have ACL that blocks file sharing ports UDP 137, 138 and TCP 445, 139 between vlans kabayan :)

If not, try this link http://support.microsoft.com/kb/304040

eabonalla Fri, 02/23/2007 - 00:31

i've done everything i knew. starting from computers, opened port 445 or disabled every firewall on PC. i've done simple file sharing to a more complicated one. installed additional protocols.

ive already upgraded every single switch i can put my hands on. reviewed and researched every aspect of routing and VLANs and VTP. maybe im missing out something.

anyway this is am attaching the running config of my L3 switch.

thanks.

Danilo Dy Fri, 02/23/2007 - 00:49

What is host 10.1.1.6 a router or firewall?

For troubleshooting purposes, what are the IP Addresses of two hosts that you are trying to communicate through file sharing? Just give us two hosts and their actual IP Addresses.

Are these two hosts able to ping each other using their netbios name (computer name)?

Have you tried this troubleshooting from Microsoft ? http://support.microsoft.com/kb/308007

eabonalla Fri, 02/23/2007 - 00:59

the two acl PEZA and PEZA_all is for routing my users to two different Internet Service Provider. 192.168.1.1 and 10.1.1.6 are my routers to internet. i just selected who goes to what ISP.

10.1.2.18 and 10.1.7.4

which if im not mistaken is PC from VLAN101 to PC from VLAN111.

by the way, before i configured those policy based routing, its already my problem.

thanks

eabonalla Fri, 02/23/2007 - 01:09

filesharing between computers within same VLAN works fine. i can ping computers from different VLANS using IP Address, name, and name.domain.com.

i've also followed lots of steps and troubleshooting techniques from support.microsoft.com.

nothings work.

im thinking now. could it be an ARP or RARP error? maybe tables from L2 routing is messed up.

thotsaphon Fri, 02/23/2007 - 01:40

Hi

The problem occurs when you test file shareing of 10.1.2.18 and 10.1.7.4 so please confirm my confusion :D

1. From 10.1.2.18 ping to 10.1.7.4 what is the result?

2. From 10.1.2.18 telnet to 10.1.7.4 with port 3389 what is the result? It would work because you can remote desktop into it as you tell.

3. From 10.1.2.18 telnet to 10.1.7.4 with port 445 what is the result?

Danilo Dy Fri, 02/23/2007 - 01:48

Your policy routing which has PEZA ACL makes host from VLAN101 hop to 10.1.1.6 and back.

permit ip 10.1.2.0 0.0.0.127 any

Router 10.1.1.6 interface is clean of ACL for windows file sharing?

Hmmm, the last line in your reply gives more question than answer :)

manoj.jain Fri, 02/23/2007 - 01:07

Hello

I m facing same kind of problem tooo.. i m using Vlan also ,my domain controller in one of the vlan ,some workstation in another vlan ,but they are not able to join the domain,giving me error of domain controller not joining. but the workstation which is in same vlan of DC are able to join the domain.

Plz guide me how to resolve this.

Thanx in advance

eabonalla Fri, 02/23/2007 - 01:50

i can ping 10.1.7.4.

i cannot telnet 10.1.7.4 on port 3389

i cannot telnet 10.1.7.4 on port 445

im using putty program for telnet to work on different ports aside from default.

Danilo Dy Fri, 02/23/2007 - 02:23

AS mentioned in my previous post, your policy routing which has PEZA ACL makes host from VLAN101 hop to 10.1.1.6 and back to reach 10.1.7.x.

permit ip 10.1.2.0 0.0.0.127 any

Router 10.1.1.6 interface is clean of ACL for windows file sharing?

Danilo Dy Fri, 02/23/2007 - 03:01

When logic doesn't work, its time to perform sniffing. Use wireshark http://www.wireshark.org/

HostA (10.1.2.18)= host connecting to shared file in HostB

HostB (10.1.7.4) = host with file sharing enable

Sniff HostA port in switch and trigger a file sharing connection from HostA to HostB. Save the result and post it here.

Sniff HostB port in switch and trigger a file sharing connection from HostA to HostB. Save the result and post it here.

eabonalla Fri, 02/23/2007 - 03:50

my policy based routing is just for traffic bound to internet. traffic inside our LAN shoud be denied to those two router.

I will try the sniffing.

i will post again the result. maybe next week.

Thank so much for all your help.

nyr.hakeem-habeeb Fri, 02/23/2007 - 03:51

Hi

have you checked bindings of services on the adapter, this could be a strong culprit.

Thanks

eabonalla Fri, 02/23/2007 - 03:58

how can i check this bidings? pls pls pls help. i didnt heard of this.

Danilo Dy Fri, 02/23/2007 - 04:05

Check bindings http://support.microsoft.com/kb/894564

But you already disable Win XP Firewall and you are able to connect in the same network (VLAN).

I remember during NT4 that you can connect PC to PC file sharing only in the same broadcast domain. In a large enterprise with multiple network you need client server. Anyway, I no windows expert so don't take this comment seriously :)

eabonalla Fri, 02/23/2007 - 04:12

im thinking of bindings on switches. my mistake.

anyway ill try the sniffing first. havent tried it.

thanks guys.

Actions

This Discussion