Routing – SMB shares that are not reachable over 1: 1 NAT

I am having a problem with Win 10 SMB folder shares on my company's network. There is a subnet (let's call it production) with 3 hosts that are industrial PCs that are used as machine controllers and are connected to the rest of the network via an mGuard router (let's call it a company). It is (allegedly) set up a 1: 1 NAT, which is to map Host 1 from the production network to an address in the corporate network. What I want to achieve is a shared folder on host 1 in the production network, which can be reached via the NAT in the corporate network. I do not have access to the router's configuration because it was remotely configured by the manufacturer of the computer. However, the NAT appears to be set up as requested because the corporate network has an address that responds to ping and VNC connection requests, but this is not possible. Access shared folders. The shares also seem to be configured correctly because they are seen by the other two hosts in the subnet. MGuard allegedly does not filter applications, the Windows firewalls are disabled on the controller PCs

NMAP of the NAT address seen from the company network:

NSE: Loaded 148 scripts for scanning.

NSE: Script Pre-scanning.

Initiating NSE at 11:43

Completed NSE at 11:43, 0.00s elapsed

Initiating NSE at 11:43

Completed NSE at 11:43, 0.00s elapsed

Initiating ARP Ping Scan at 11:43

Scanning (1 port)

Completed ARP Ping Scan at 11:43, 0.52s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 11:43

Completed Parallel DNS resolution of 1 host. at 11:43, 0.00s elapsed

Initiating SYN Stealth Scan at 11:43

Scanning (1000 ports)

Discovered open port 3389/tcp on

Discovered open port 5900/tcp on

Discovered open port 1433/tcp on

Completed SYN Stealth Scan at 11:43, 4.02s elapsed (1000 total ports)

Initiating Service scan at 11:43

Scanning 3 services on

Completed Service scan at 11:44, 11.01s elapsed (3 services on 1 host)

Initiating OS detection (try #1) against

Retrying OS detection (try #2) against

NSE: Script scanning

Initiating NSE at 11:44

Completed NSE at 11:44, 5.12s elapsed

Initiating NSE at 11:44

Completed NSE at 11:44, 0.00s elapsed

Nmap scan report for

Host is up (0.0017s latency).

Not shown: 997 filtered ports


1433/tcp open  ms-sql-s      Microsoft SQL Server 2014 12.00.5000.00; SP2

| ms-sql-ntlm-info: 

|   Target_Name: 8957PU10-50K2

|   NetBIOS_Domain_Name: 8957PU10-50K2

|   NetBIOS_Computer_Name: 8957PU10-50K2

|   DNS_Domain_Name: 8957Pu10-50K2

|   DNS_Computer_Name: 8957Pu10-50K2

|_  Product_Version: 10.0.14393

| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback

| Issuer: commonName=SSL_Self_Signed_Fallback

| Public Key type: rsa

| Public Key bits: 1024

| Signature Algorithm: sha1WithRSAEncryption

| Not valid before: 2019-08-19T03:53:15

| Not valid after:  2049-08-19T03:53:15

| MD5:   7c01 11b2 b195 05bd 7557 949c 9f95 7057

|_SHA-1: 4542 4e51 1207 f65e 01a4 6ab3 0d4c 7391 09f1 4f09

|_ssl-date: 2019-08-19T09:44:45+00:00; +30s from scanner time.

3389/tcp open  ms-wbt-server Microsoft Terminal Services

| ssl-cert: Subject: commonName=8957Pu10-50K2

| Issuer: commonName=8957Pu10-50K2

| Public Key type: rsa

| Public Key bits: 2048

| Signature Algorithm: sha256WithRSAEncryption

| Not valid before: 2019-07-14T03:56:52

| Not valid after:  2020-01-13T03:56:52

| MD5:   e8bb 8d4a 32fa 6b74 c313 3d52 8f93 1790

|_SHA-1: c2b5 d8a8 44e1 a089 0525 6665 945e eceb 387b 70eb

|_ssl-date: 2019-08-19T09:44:45+00:00; +31s from scanner time.

5900/tcp open  vnc           VNC (protocol 3.8)

| vnc-info: 

|   Protocol version: 3.8

|   Security types: 

|     VNC Authentication (2)

|     Tight (16)

|   Tight auth subtypes: 

|_    STDV VNCAUTH_ (2)

MAC Address: A8:74:1D:76:A1:0C (Phoenix Contact Electronics Gmbh)

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

Device type: general purpose|WAP

Running (JUST GUESSING): Linux 2.6.X (97%), D-Link embedded (96%), TRENDnet embedded (96%), Microsoft Windows 2016|Vista (91%), FreeBSD 6.X (87%)

OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/h:dlink:dwl-624%2b cpe:/h:dlink:dwl-2000ap cpe:/h:trendnet:tew-432brp cpe:/o:microsoft:windows_server_2016 cpe:/o:microsoft:windows_vista::sp1:home_premium cpe:/o:freebsd:freebsd:6.2

Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (97%), D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (96%), Microsoft Windows Server 2016 (91%), Microsoft Windows Vista Home Premium SP1 (89%), FreeBSD 6.2-RELEASE (87%)

No exact OS matches for host (test conditions non-ideal).

Uptime guess: 0.244 days (since Mon Aug 19 05:52:30 2019)

Network Distance: 1 hop

TCP Sequence Prediction: Difficulty=257 (Good luck!)

IP ID Sequence Generation: Incremental

Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:

|_clock-skew: mean: 30s, deviation: 0s, median: 30s

| ms-sql-info: 


|     Version: 

|       name: Microsoft SQL Server 2014 SP2

|       number: 12.00.5000.00

|       Product: Microsoft SQL Server 2014

|       Service pack level: SP2

|       Post-SP patches applied: false

|_    TCP port: 1433



1   1.67 ms

The NetBIOS name for host 1 is 8957PU10-50K2

Some related resources:

Thank you in advance.

el capitan – Add an SMB printer through the terminal

Goal: Add a domain printer directly from the terminal without using its IP address.

Follow the instructions here:

I have executed this command:

sudo lpadmin -p sharp4141n -L "front office code" -E smb://ESC-PRINT01.byu.local/ESCN284_MX-4141N -P /Users/jaybrown/Desktop/ESC_PRINT01_ESC_N284_SHARP_MX_4141N_PCL6.ppd

But get the error:

lpadmin: Unknown argument “smb://ESC-PRINT01.byu.local/ESCN284_MX-4141N”.

I am in a domain. On an iMac with El Capitan. Please help me.

Enter image description here

mac – Finder Search does not work when searching for network drives shared with an SMB connection in Mojave 10.14.0

We had a nightmare finding out that Mojave 10.14.5 did not allow other Macs to connect through SMB without freezing the client's finder and / or making or breaking connections. To fix this, we have 10.14.0 clean installed. The only problem I have is that if the clients browse the Mojave server through the Finder or clients are in the limelight, no results from the Mojave server show will be displayed. This happens on all 14 clients. I have confirmed that the Mojave server has completed indexing. Not sure why none of the clients can browse the Mojave server. Any help would be appreciated.

MD5 hash comparison via SMB SLOW

I am writing a script for a full power solution in Powershell for Hyper-V VMs and I have encountered the problem that calculating the MD5 hash over the network on a deployed network drive over a WAN is about half the speed of copying the file even the WAN connection. I tried to refer certutil.exe from the operating system to the file over the share, and it is very slow. I also tried Get-FileHash in Powershell with similar results. I have hundreds of 250-MB files and could not find a more efficient way to do that without invoking a remote shell to run the command. Is there a better approach?

Server Message Block – SMB mounts well if kbr5 is used, but no explicit credentials

At my company, we tested SMB to replace NFS servers.
When mounting Windows server shares everything works as expected. ie:

mount.cifs // credentials = / home / ttest / .smb
# OR
mount.cifs // -o sec = krb5, uid = $ UID, gid = team, cruid = $ UID

For this test we have a Centos 7.6 server with Samba 4.8. Windows machines can fine mount the share, and Centos clients can mount it with the sec = kbr5 option.

The matter

I can not figure out why I can not mount this share with explicit permissions! ie:

mount.cifs // -o sec = krb5, uid = $ UID, gid = team, cruid = $ UID
mount.cifs // / mnt / share / -o credentials = / home / ttest / .smb

linux – smb with three unix users (unrestricted access to aFolder, b to b and c read only for both)


Hello, I would like to ask you how to set the Samba users and folders to make three users: 1. User access to aFolder (share) full permissions 2. User access to bFolder (share) full permissions 3.cUser access a + folder can only be read

I want to make a backup on my old laptop (I'll install lubuntu) like smb server with aUser and bUser to sync photos / videos and a user to stream / view the photos / videos of both. The desired folder structure would be a main BACKUPS folder with two subfolders, a folder and b folder. When I try to access the SMB, three local network domains can be created; Domain A, Domain B, and Stream, which point exactly to the SMB folders I'm going to create for faster access from home devices. Thabks in advance.

smb conf – How should the Samba Recycle Bin work with deleted folders?

vfs object = recycle in smb.cfg works well with deleted files.
But how should the samba trash folder work?

I made the following comments:

With possibility recycle: keeptree = Yes

1 – delete a file – moves it to the recycle bin, preserving the original folder structure

2 – Delete a folder containing a file – moves the files in it to the Trash, keeping the original folder structure

3 – delete a folder that does not contain any files – Folder disappears, nothing in the trash

without possibility recycle: keeptree = Yes

4 – Delete file – Moves the file without folder structure to the trash

5 – delete a folder that contains a file – Folders and files disappear, nothing in the trash

6 – delete a folder that does not contain any files – Folder disappears, nothing in the trash

questionAre the cases 3.5 and 6 by design?

Many Thanks

macosx – files accessed through macOS SMB sharing encryption

I have an iMac on the same network as my Windows desktop. Both are in the local network of my university.

I share a folder on the iMac with the built-in sharing utility (via SMB), with no access for all users and my account set to read and write. I have also enabled the Windows File Sharing option for my user.

On the Windows desktop, I connect to the system with the set network name ([iMac name].local) and with the credentials of my iMac account.

My question is that with the SMB sharing feature via macOS, the credentials for accessing the shared folder and all data (for example, reading / writing the contents of the shared folder) are encrypted and not sent in plain text. I want to make sure it contains the password and data about my iMac.

The unix smb server does not appear in Locations in the Finder sidebar

I have Samba installed on Linux.

  • Via the Finder> Go to> "Connect to Server …" I can connect to the server and view my folders.
  • The server appears under Locations in the Finder sidebar.
  • When I remove the server, it disappears from the sidebar and does not return.

What do I have to do to ensure that the server is always displayed in the sidebar during operation?

I tried different things that I found on the internet. No fun.

  • macOS 10.14.3
  • Samba 2: 4.5.16 + dfsg-1
  • Linux pi 4.14.98-v7 + # 1200 SMP Tue 12.02. 20:27:48 GMT 2019 Armv7l GNU / Linux

terminal – Opens the SMB command, which still prompts you to log in to the Finder

I have a script that sends the magic packet to activate my server, then the network drives are loaded. It works well on 2 of the 3 laptops in my household. The third command, which uses the same script, asks for a login at the Finder prompt, no matter what. All 3 are on OSX Mojave.

Here's the command I'm using that does not look like it's going through my password (because the username will be passed and filled in the Finder window when it appears).

Open & nbsp; smb: // username: password @ server / share & # 39;

What the hell am I missing?