04-27-2009 05:00 AM - edited 03-11-2019 08:24 AM
I have a natted network , all the users in side are accessing one global server Exchnage server xx.xx.xx.21, now i want to implement a rule in my local firewall to block traffic , so that usera cant not access this global server \\xx.xx.xx.21 using file share . I did tried to block port 445, but still file shareing using \\xx.xx.xx.21 is working suggest me a solution
04-27-2009 05:32 AM
I assume you are refering to CIFS, please try blocking UDP and TCP 445 as these are both used for Microsoft-DS (according to IANA, http://www.iana.org/assignments/port-numbers)
HTH
Steve
04-27-2009 05:44 AM
Here's a link on what to open for communications, reverse it and it should block communications.
http://technet.microsoft.com/en-us/library/bb727063.aspx
Hope that helps.
04-27-2009 09:30 AM
No luck Guys i am using SDM CBAC feature to implement.
04-27-2009 10:19 AM
Why don't you post a santized config for us to look at.
04-27-2009 10:22 AM
Collin
I was just able to make the specified fix, basically windows firewall helped.
The Ports which are required to block are 445, 136, 137 and 138
04-27-2009 10:24 AM
Glad to hear you go it working. BTW the ports you listed are in the link I provided.
04-27-2009 10:46 AM
You are correct, though every thing is available online . Its just they way we have to implement.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide