04-27-2009 05:00 AM - edited 03-11-2019 08:24 AM
I have a natted network , all the users in side are accessing one global server Exchnage server xx.xx.xx.21, now i want to implement a rule in my local firewall to block traffic , so that usera cant not access this global server \\xx.xx.xx.21 using file share . I did tried to block port 445, but still file shareing using \\xx.xx.xx.21 is working suggest me a solution
04-27-2009 05:32 AM
I assume you are refering to CIFS, please try blocking UDP and TCP 445 as these are both used for Microsoft-DS (according to IANA, http://www.iana.org/assignments/port-numbers)
HTH
Steve
04-27-2009 05:44 AM
Here's a link on what to open for communications, reverse it and it should block communications.
http://technet.microsoft.com/en-us/library/bb727063.aspx
Hope that helps.
04-27-2009 09:30 AM
No luck Guys i am using SDM CBAC feature to implement.
04-27-2009 10:19 AM
Why don't you post a santized config for us to look at.
04-27-2009 10:22 AM
Collin
I was just able to make the specified fix, basically windows firewall helped.
The Ports which are required to block are 445, 136, 137 and 138
04-27-2009 10:24 AM
Glad to hear you go it working. BTW the ports you listed are in the link I provided.
04-27-2009 10:46 AM
You are correct, though every thing is available online . Its just they way we have to implement.
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: