Router blocking traffic (update)

[darkmagex]

I seem to have a problem with my router blocking access to shares.

If i add a mapping in LMHOSTS i can connect fine, and I can connect by IP but not hostname. I've tried DMZ and that doesn't seem to do anything.

DNS seems to be working as everything else on the internet works fine.

Any ideas on what might be being blocked?

 

[Goosemaster]

In to out?
Out to in?

Or are you talking about transfers strictly on the LAN side?

Also, what OS are you running, and are you using Samba/Netbios/TCP/IP?

 

[darkmagex]

The connection is going from the inside LAN to an outside network 192.168.0.x to 129.21.x.x.

Windows XP, no Samba.

 

[djdrastic]

How did you test dns ?

 

[darkmagex]

nslookup, and I captured packets showing the DNS working

I can ping/nslookup the server. I can map to it with an IP, but there is no way to map using the hostname.

 

[darkmagex]

I did some captures on both sides of the router and NBNS Name Queries are not making it through the router. Anyone have any ideas if this is just because of the router (DI-604).

I've tried DMZ and opening up ports 137-139

 

[Goosemaster]

Let me get this straight....

You are attempting to access a foreign IP via a router. It seems that you can indeed indeed ping the IP even without the entry in the LMHOSTS as it should be. The reason you are not able to use a host name is that your router is not allowing outbound Netbios requests.

Because it has to somehow resolve the IP address via ARP/iARP/ (broadcasts) if on a switch or using a routing protocol when behind a configured router, you must let that protocol through. Ths is obviously not new information, but still crucial is the fact that you are trying to route Netbios over the internet. Many SMB to commercial-grade routers will allow fowarding of the Netbios protocol allowing for flexibility in case that the router is an internal device and not the network gateway. Even so, when connected to the internet, your requests will not be fowarded by your ISP's routers.

The problem:


You are editing the wrong file. LMHOSTS is for inter-networking aliasing. Like I said, it uses Netbios, for such things as identifying or talking with PDC's via a broadcast, which is not "internet routable"

the FIX?

EDIT your HOSTS file. TCP/IP query's are sent to THIS file.

 

[darkmagex]

Goosemaster: basically you got it all down. Are you saying its a router problem and there is no way to do this without editing the hosts file?

 

[Goosemaster]

Originally posted by: darkmagex
Goosemaster: basically you got it all down. Are you saying its a router problem and there is no way to do this without editing the hosts file?

meh. read it again Then again, maybe I FUBAR'd the point as usual.


If you want to use alias's, it isn't a problem as long as you stick the information in the right place. Basically, put the alias in the HOSTS file.

caption from a fictional linux hosts file

nameserver 65.88.45.45
nameserver 65.88.9.4

As you can see, these are DNS requests, which are at the 4th Layer of the TCP/IP Protocol, and they work fine.

Basically the HOSTS file will send it via TCP/IP....

 

[mboy]

Allowing netbios to traverse over ther 'net (in or out)is BAAAAAAAAAAAAAAD!!!!