Sorry for the delay in responding everyone, more work than hands. i've used a protocol analyzer to verify the requirements of the \\ command to see if maybe i was restricing the service in some way, but i don't have any ACL on the switch and all the vlans are directly connected so routing should be straight forward. thanks in advance

Okay, so now can you put the protocol analyzer on the destination VLAN and see if the traffic is making it through the IV routing part? Just to rule out any kind of Windows FW for IPS feature blocking the connection...

I think since you are one different subnets and have no WINS server you will have to use the LMHOSTS file to point everything to your domain.

The LMhost file in windows??? i'd really prefer to avoid that cause i can just see it being a lot of configurations on a per machine basis and would have to do it everytime a new machine is added. unless a script would work. but that would have the same problem i'm having noow with the config not being pushed.

I'll be out of the office tomorrow, but will try it on tuesday, thanks for the suggestion

will definitely give this a try to see how it goes and thanks for the wiki, about to go read it now

ok tried but the command is not available in the firmware of my L3 switch, thanks anyway though

hey everyone; still working on this issue so here are the updates, i tried adding the commands from mmacddonald70 but the result is the same, still can't get to the machine using \\machinename. couple things with the commands, for our switch i can't add it in the actual VLAN interfaces, it has to be a global command and the second one the no ip forward-protocol udp netbios-ss gives me an error UDP port 139 not found to delete. i also added a machine with wireshark installed on the other VLAN and tried the \\ the wireshark logs shows that the traffic is reaching the VLAN and the traffic is coming on port 445 and 137 and verified that these ports are passing through the windows firewall as part of the file and printer sharing rule. so i'm still in the same position as before. thanks for all the help so far though, been learning a lot through it.

Hmmm...it seems like if you are able to sniff the traffic on the other VLAN and have verified it is reaching the PC, then I would assume this is not a routing/switching problem. Keep us posted on what you find.

OK one and all, found the culprit...... seems years ago before i got here the then System administrator altered a GPO which then restricted file and print sharing to only the local subnet. as a result all inter-vlan traffic for F&P sharing was being block by said GPO. well thanks for the help anyway. at least this is one less thing to worry about.

Hello,

I'm sorry to fire this thread up again, but I'm having the same problem and I don't understand the solution. I can ping from every host of every VLAN to any other host in any other VLAN, I can use FTP to a NAS disk in a different VLAN, but I can't see the other VLAN computers in the network plaves, or use the printers in different VLANs. Where can I find the GPO configuration and how do I change it?

Thank you very much,

Jud

Hi Jud,

The original poster's problem was actually beyond the scope of Cisco devices, as it was a problem with the Windows Group Policy setup, which basically told all the client computers that they may only share files and printers with devices on their local subnet (i.e., not through routers).

From what I understand, though, is that in order to have Windows File and Printer Sharing across multiple subnets, you need to have a WINS server that all machines on all subnets can communicate with.  WINS is like DNS in that it takes these Windows host names and maps them to their destinations.

In essence, if you want to communicate with another computer using its hostname, you need to send a request to find out which IP address belongs to which hostname.  If you use broadcasts, you will only be able to find those on your local subnet.  The client can not and will not have any idea of any networks and hosts residing outside of the local subnet, unless you give it a WINS server to help with queries.  The server will take the queries and process them, sending back results, therefore enabling \\hostname-here requests to work across multiple subnets.

That's what I'm understanding from all the discussion in this thread, anyways.  If anyone else knows more about WINS and SMB across subnets, now's your time to shine

You dont need a WINS server. You can append the DNS suffix in DNS so that you dont have to use the fully qualified name. If you do an ipconfig /all, you will see the DNS suffix appended there if DNS has been configured correctly. You need to remote onto one of your domain controllers, open up group policy in the group policy management console or whatever method you use to edit group policy and change the default domain group policy to allow file and print sharing.