Re: Cannot browse folders thru a Pix

pdpmail · ‎08-02-2004

I am trying to allow inside host pcs on a Pix 501 (running 6.3 os) to be able to browse shared folders on some outside PC's. This is not an NT domain based environment - just your regular workgroup networking technonolgy. I have played with udp 137 and 138 but cannot get an inside Windows PC to see the outside machines in the network neighborhood part of windows explorer. And obviously, at the moment - the inside PC cannot access any drive shares on the outside. Configuration guidance would be very very appreciated. Thanks everyone, Peter (pdpmail@aol.com)

paddyxdoyle · ‎08-02-2004

Hi,

Try opening 135 to 139 both UDP and TCP through the PIX, If you want to try and reduce this you can then check your logs or do a "show access-list name" to see which of these ports are being hit when you try and browse a share

See the following Microsoft link for details:

http://support.microsoft.com/default.aspx?scid=kb;en-us;298804

Rgds

Paddy

pdpmail · ‎08-02-2004

Will try this tonight. Will post results in case anyone interested. Thanks. Peter

jmia · ‎08-02-2004

If you really want to play with fire then go ahead and open up those Microsoft ports. If you read carefully the Microsoft article from the previous post you'll notice that Microsoft actually don't recommend opening up the mentioned ports.

What is the point of having a firewall protecting you internal network when you are exposing it to the external world/internet!

Just a thought.

Jay

paddyxdoyle · ‎08-02-2004

Jay,

The post states the clients with the shares on are on the outside so allowing access to these ports from the inside is not going to expose inside clients.

Rgds

Paddy

pdpmail · ‎08-02-2004

Jay this is a pure test lab not production environment so no danger.