I am having a problem with Win 10 SMB folder shares on my company's network. There is a subnet (let's call it production) with 3 hosts that are industrial PCs that are used as machine controllers and are connected to the rest of the network via an mGuard router (let's call it a company). It is (allegedly) set up a 1: 1 NAT, which is to map Host 1 from the production network to an address in the corporate network. What I want to achieve is a shared folder on host 1 in the production network, which can be reached via the NAT in the corporate network. I do not have access to the router's configuration because it was remotely configured by the manufacturer of the computer. However, the NAT appears to be set up as requested because the corporate network has an address that responds to ping and VNC connection requests, but this is not possible. Access shared folders. The shares also seem to be configured correctly because they are seen by the other two hosts in the subnet. MGuard allegedly does not filter applications, the Windows firewalls are disabled on the controller PCs
NMAP of the NAT address seen from the company network:
NSE: Loaded 148 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 11:43 Completed NSE at 11:43, 0.00s elapsed Initiating NSE at 11:43 Completed NSE at 11:43, 0.00s elapsed Initiating ARP Ping Scan at 11:43 Scanning 10.150.4.9 (1 port) Completed ARP Ping Scan at 11:43, 0.52s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 11:43 Completed Parallel DNS resolution of 1 host. at 11:43, 0.00s elapsed Initiating SYN Stealth Scan at 11:43 Scanning 10.150.4.9 (1000 ports) Discovered open port 3389/tcp on 10.150.4.9 Discovered open port 5900/tcp on 10.150.4.9 Discovered open port 1433/tcp on 10.150.4.9 Completed SYN Stealth Scan at 11:43, 4.02s elapsed (1000 total ports) Initiating Service scan at 11:43 Scanning 3 services on 10.150.4.9 Completed Service scan at 11:44, 11.01s elapsed (3 services on 1 host) Initiating OS detection (try #1) against 10.150.4.9 Retrying OS detection (try #2) against 10.150.4.9 NSE: Script scanning 10.150.4.9. Initiating NSE at 11:44 Completed NSE at 11:44, 5.12s elapsed Initiating NSE at 11:44 Completed NSE at 11:44, 0.00s elapsed Nmap scan report for 10.150.4.9 Host is up (0.0017s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 1433/tcp open ms-sql-s Microsoft SQL Server 2014 12.00.5000.00; SP2 | ms-sql-ntlm-info: | Target_Name: 8957PU10-50K2 | NetBIOS_Domain_Name: 8957PU10-50K2 | NetBIOS_Computer_Name: 8957PU10-50K2 | DNS_Domain_Name: 8957Pu10-50K2 | DNS_Computer_Name: 8957Pu10-50K2 |_ Product_Version: 10.0.14393 | ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback | Issuer: commonName=SSL_Self_Signed_Fallback | Public Key type: rsa | Public Key bits: 1024 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-08-19T03:53:15 | Not valid after: 2049-08-19T03:53:15 | MD5: 7c01 11b2 b195 05bd 7557 949c 9f95 7057 |_SHA-1: 4542 4e51 1207 f65e 01a4 6ab3 0d4c 7391 09f1 4f09 |_ssl-date: 2019-08-19T09:44:45+00:00; +30s from scanner time. 3389/tcp open ms-wbt-server Microsoft Terminal Services | ssl-cert: Subject: commonName=8957Pu10-50K2 | Issuer: commonName=8957Pu10-50K2 | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-07-14T03:56:52 | Not valid after: 2020-01-13T03:56:52 | MD5: e8bb 8d4a 32fa 6b74 c313 3d52 8f93 1790 |_SHA-1: c2b5 d8a8 44e1 a089 0525 6665 945e eceb 387b 70eb |_ssl-date: 2019-08-19T09:44:45+00:00; +31s from scanner time. 5900/tcp open vnc VNC (protocol 3.8) | vnc-info: | Protocol version: 3.8 | Security types: | VNC Authentication (2) | Tight (16) | Tight auth subtypes: |_ STDV VNCAUTH_ (2) MAC Address: A8:74:1D:76:A1:0C (Phoenix Contact Electronics Gmbh) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|WAP Running (JUST GUESSING): Linux 2.6.X (97%), D-Link embedded (96%), TRENDnet embedded (96%), Microsoft Windows 2016|Vista (91%), FreeBSD 6.X (87%) OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:microsoft:windows_server_2016 cpe:/o:microsoft:windows_vista::sp1:home_premium cpe:/o:freebsd:freebsd:6.2 Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (97%), D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (96%), Microsoft Windows Server 2016 (91%), Microsoft Windows Vista Home Premium SP1 (89%), FreeBSD 6.2-RELEASE (87%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 0.244 days (since Mon Aug 19 05:52:30 2019) Network Distance: 1 hop TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows Host script results: |_clock-skew: mean: 30s, deviation: 0s, median: 30s | ms-sql-info: | 10.150.4.9:1433: | Version: | name: Microsoft SQL Server 2014 SP2 | number: 12.00.5000.00 | Product: Microsoft SQL Server 2014 | Service pack level: SP2 | Post-SP patches applied: false |_ TCP port: 1433 TRACEROUTE HOP RTT ADDRESS 1 1.67 ms 10.150.4.9
The NetBIOS name for host 1 is 8957PU10-50K2
Some related resources:
Thank you in advance.