Windows networking problem thru WAN

Status
Not open for further replies.

snailworks

Technical User
Aug 2, 2002
17
US
We have 3 locations all connected via Frame Relays to a central location with a Win2K Domain Controller running Active Directory.
This network has been stable for 2+ years.
A problem has begun recently where 2 of the branch locations cannot connect to Windows shares on the DC - although ALL IP traffic works fine (mail, telnet, etc).

If I create client-to-server VPN connections, the Windows shares work.

Any suggestions on what may have changed to cause this problem (or where I should look)?


Thanks - Gary
 
Thinking out loud here . . .

A lot of service providers have recently started blocking the ports used by SMB on their IP networks in response to the blaster worm.

Now, if you have raw frame connections to each location, this should not be an issue as you should be provided with a raw frame relay connection and you would be responsible for whatever protocols you choose to run over (in this case TCP/IP). Your provider would give you a set of DLCIs, you would have to provide the equipment to create the frame relay connections and link the upper protocols over it.

If, on the other hand, your provider was giving you a 'point to point' TCP/IP connection that just happens to be running over frame, you could have a different situation altogether. If they are supplying the TCP/IP, they can route it anywhere they like, including over the internet backbone. They most likely would route it over their own infrastructure to provide reliability, but likely mixed with internet traffic. In this situation, the traffic may be subject to any port/protocol blocking they have in place. Shorter links or links that do not run parallel to any of their backbone may not run in a mixed content environment, so the ports may not be blocked consistently.

I'll assume I'm right for the rest of the post, so if I'm not just skip on down the page.

Now, although this sounds like a problem, you should be happy to have it. Bout time providers started to take responsibility for some of the dirt that travels over their real estate. Maybe they'll pick up the shovel and dig into some of the spam for us, too. Rant for another post, sorry.

Other than the problem at hand, you really should get a firewall going at each of your sites. Under the circumstances, it is possible for some internet traffic to leak over to your connection. Provider would tell you otherwise, they are full of it.

Solution wise, about your only choice is a VPN. Sounds like a LAN to LAN solution would serve you better than several client to server connections. That will get your traffic past the blocked ports (as you have observed) and provide a little more security at the same time.
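
Added example, not part of either post: a small check, run from a branch workstation, that separates "SMB ports are dropped somewhere in the path" from "the server itself is not answering". The port numbers (139/445 for SMB, 23/25 for the telnet and mail traffic that still works) and the address 192.0.2.10 standing in for the DC are assumptions, not values from the thread.

```python
import socket

# Assumed port sets (not stated in the thread): SMB/NetBIOS session ports
# versus the services the poster says still work (telnet, mail).
SMB_PORTS = (139, 445)
CONTROL_PORTS = (23, 25)


def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'refused' or 'filtered'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed
    except ConnectionRefusedError:
        return "refused"     # RST came back: path is clear, nothing listening
    except OSError:
        return "filtered"    # timeout or unreachable error: no answer from the port
    finally:
        s.close()


def diagnose(results):
    """results maps port -> state as returned by probe()."""
    smb = [results[p] for p in SMB_PORTS if p in results]
    ctl = [results[p] for p in CONTROL_PORTS if p in results]
    # Any answer (even a refusal) on a control port proves the IP path works.
    if not any(state in ("open", "refused") for state in ctl):
        return "no-ip-path"              # routing problem, not port filtering
    if any(state == "open" for state in smb):
        return "smb-reachable"           # look at name resolution or authentication
    if smb and all(state == "filtered" for state in smb):
        return "smb-filtered-in-path"    # consistent with blocking between the sites
    return "smb-refused"                 # an RST came back: check the DC's services


def check_server(host, timeout=3.0):
    """Probe every port of interest and return (per-port states, verdict)."""
    results = {p: probe(host, p, timeout) for p in SMB_PORTS + CONTROL_PORTS}
    return results, diagnose(results)


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address used as a placeholder for the DC.
    print(check_server("192.0.2.10"))
```

Running it once over the plain WAN link and once through the client-to-server VPN gives a direct comparison: a verdict of `smb-filtered-in-path` on the WAN and `smb-reachable` through the VPN matches the filtering explanation above.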
