Hi Marvin,

I thought maybe it had to do with the SMB version so I turned on SMB v1 but that still won't connect.  I used the exact same formatting as yours and I get this:

I have the verified the share permissions and the user has R/W on it.

What else can I be missing here? 

Thank you.

The error message is quite ambiguous. Perhaps a packet capture on the target SMB hosting server would be informative. 

Hi Marvin,

Wireshark shows the SMB Negotiate Protocol Request being sent from the FMC but the destination host sends a RST flag resetting the connection.

I have no clue what could be causing this.

A TCP reset from the target host generally means it's not accepting connections on that port or protocol or else it restricts them to certain addresses (e.g. in Windows firewall).

You could try to mount the share as a network drive from another Windows PC as a test.

My working server is running Windows Server 2016 (all the latest updates applied) with Windows Firewall disabled.

Here's a screenshot of a Wireshark capture when it's working. As you can see in the decode, it's SMB2. SMB1 is insecure and deprecated and should NOT be enabled.

FMC SMB Test Success

Marvin, 

Thanks for your input here.  SMB2 appears to be working fine when I mount the share from other PC's. It's only the FMC that is having trouble.  Right now the FMC is only at v6.2.3.  I plan on moving up to 6.4.0.4 soon.  I wasn't able to connect to remote storage when it was at 6.2.2 either.

I already disabled SMB1, I just had it open for that last test.  I also have the Windows firewall disabled.  

Any other thoughts? I checked the access list in the FMC but that only seems to be for management access to the FMC using ports 22,443, and 161.

Thanks. 

There was one resolved SMB bug in 6.2.3.13 and a couple in 6.4.0.2 and 6.4.0.6. None of them should affect the basic operations though.

Given that the Windows server is sending a TCP reset, I strongly suspect a domain policy on the Windows side. I'm not enough of a server admin to point you to the right setting though. You may find an event in the Event Viewer on the Windows server that shines more light on the issue.

Hi @Marvin Rhoads ,

I ended up raising a ticket with TAC. The engineer is saying that the FMC only supports SMB1.  Does this sound right to you? He's recommending NFS or SSH since SMB isn't working.  Like you said, these are basic functions. I already tried with SMB1 and that wouldn't connect either.  It's got to be something else that I'm overlooking.

I don't usually contradict the TAC, but given that I have a packet capture showing SMB2 working between FMC and Windows Server 2016 I would say they are mistaken in this case.

If you can easily deploy a Windows Server 2016 instance in ESXi that's not joined to your domain, you might test with that. There are so many variables in an AD-joined Windows server that it's nearly impossible to guess which one might be preventing the successful mount.

The only other quick check you can do is change it to IP address vs hostname (if it's not already that way).  There error message is so ambiguous that it might be something like name resolution.

Hi Jason,

I had also tried using the IP of the host. I got the same ambiguous error that time also. I've tried two different hosts with he same results.  I ran Wireshark and as far as I can tell, the SMB negotiation gets reset for some strange reason.

Hi there,  were you ever able to figure this out?  I am having the same issue on FMC 7.2.5