Network drives over the internet


taoski
07-05-2010, 15:59
Hi all,

I am working with a small company to give others access to files on their server using windows file sharing rather than via a web interface.

The server is all set up and is working from other ISPs but not, it seems, from Virgin.

I have tested from 2 PCs, one XP, the other Vista. One a Virgin cable connection and one a DSL connection.

I am getting them to do the following:

Start -> Run -> \\<ip address>

(this is an internet based IP address - not a local one, btw)

It just waits for 45-60 seconds and then comes back with "network path not found" sort of error.
The server is pingable and works perfectly fine from other PCs on other ISPs and I have checked firewalls/AV etc.

Has anyone seen anything like this before?
I am getting one of the chaps to turn off this network search error helper thing when he gets home to see if it helps, but I suspect that it will make no difference.

Graham M
07-05-2010, 17:15
Yes, I think you'll find the required ports are blocked on Virgin Media for security reasons.

Andrewcrawford23
07-05-2010, 18:58
It uses port 138/139 NetBIOS to make the connection and it is blocked; it also uses other ports but it uses this one as well.

Graham M
07-05-2010, 19:03
Also there's probably some huge security-related reason that this isn't a good idea

Andrewcrawford23
07-05-2010, 19:05
Very true, but that is the OP's problem to deal with; I don't think it affects Virgin apart from NetBIOS attack problems.

broadbandking
07-05-2010, 19:24
Can you change to a port that's not blocked?

Ignitionnet
07-05-2010, 19:49
There's an access list sent to every cable modem as part of their config file which blocks the following ports bidirectionally:

137 UDP
138 UDP
139 TCP
445 UDP/TCP
593 TCP
1433 TCP
1434 UDP
27374 TCP

139 is NetBIOS session and 445 is Microsoft Directory Services SMB. These will prevent Windows file sharing working over a VM connection; 445 is the major killer for file sharing.

137 and 138 are NetBIOS name service and datagram ports. Not usually required as MS-DS has made NetBIOS redundant.

593 is RPC / Remote Procedure Call and prevents Exchange servers being reachable from a VM connection.

OP - Use a VPN. You shouldn't really be running file sharing services unencrypted across the public Internet anyway. Check out http://openvpn.net/

Exposing directory services to the Internet is not wise at all - you really should have these RFC1918 addressed and behind a firewall with VPN access.

---------- Post added at 19:49 ---------- Previous post was at 19:48 ----------

Can you change to a port that's not blocked?

No. Not without playing games with port translation.
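
A reachability check for the situation in this thread, as an added example that is not from any of the posters: it separates a silent drop (the long wait the original poster describes) from a refused connection on the TCP ports in the list above. The host and control port given on the command line are assumptions, and a "filtered" result alone cannot say whether the ISP or the server's own firewall dropped the packet, so compare runs from two different networks.

```python
import socket
import sys

# TCP entries from the blocked-port list in the post above. The UDP entries are
# left out: without a cooperating service, a dropped UDP packet and an ignored
# one look the same to the sender.
BLOCKED_TCP = (139, 445, 593, 1433, 27374)

def probe(host, port, timeout=3.0):
    """Return 'open', 'closed' (connection refused) or 'filtered' (no answer)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"    # something on the path answered with a reset
    except OSError:
        return "filtered"  # timeout or unreachable: the long wait at \\<ip address>
    finally:
        s.close()

def diagnose(results, control_state):
    """results: {port: state}. control_state: state of a TCP port that is not on
    the blocked list and that the server is assumed to answer on."""
    smb = [results.get(p) for p in (139, 445)]
    if "open" in smb:
        return "SMB reachable: nothing on this path filters it"
    if control_state == "filtered":
        return "No TCP answer at all: check the server and its firewall first"
    if all(state == "filtered" for state in smb):
        return "SMB dropped while the control port answers: filtering on the path"
    return "SMB refused: packets reach the server, check the service and host firewall"

if __name__ == "__main__":
    # Usage (hypothetical values): python smbcheck.py <server-ip> <control-port>
    host, control = sys.argv[1], int(sys.argv[2])
    results = {p: probe(host, p) for p in BLOCKED_TCP}
    for port, state in results.items():
        print(f"{port}/tcp {state}")
    print(diagnose(results, probe(host, control)))
```
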

Andrewcrawford23
07-05-2010, 20:10

Damn, I thought that Exchange port was blocked; wish I knew the other day for sure. I need to keep this list for future reference. I knew NetBIOS was blocked; the rest I never knew about.

caph
08-05-2010, 20:50
Taoski, you could consider setting up FTP on the server and giving out a username and password to the other companies. They can then drag and drop in Windows Explorer pretty much like a standard network share. It's not quite as good but it might meet your needs.

General Maximus
08-05-2010, 23:06
FTP rules

AbyssUnderground
09-05-2010, 10:06
www.hamachi.cc - Easy as pie to set up and you can use Windows shares over it.

KingDaveRa
09-05-2010, 12:45
You should really do stuff like this over VPNs. It's bad practice to run services like NetBIOS, SQL, Exchange RPC, RDP, among others over the net. Not so much for the clients, but because those ports are liable to attack on the server end. Some of them are unencrypted by default anyway, or use very light encryption which is easily broken (NTLM V1 IIRC). Any decent ISP should block these.

Your best option is to (depending on licences) enable VPN on the server and use that. I know people who swear by the Windows inbuilt VPN. Plus it shouldn't cost anything to implement, other than some time.

Of course, the 'better' solution is to go with hardware VPNs in the network, which makes it transparent to the user, and gives you full-on two way communications between the networks. It just costs money to buy them, and expertise to set up.