Re: Netbios

cisconoval · ‎12-29-2006

Hello,

am having two server with different network.

unable to access the servers either side with netbios name.

Please advice me how to enable the access.

Its very urgent i would be greatfull if i got the resolution ASAP.

Thanks in Advance

sourabhagarwal · ‎12-29-2006

NetBIOS name must be resolved to an IP Address (the NetBIOS name-IP address resolution) which is often done by WINS server.

are you able to ping server through their IP address? If yes and you are unable to ping through Netbios, you need to look at your WINS server as it is not resolving Netbios name to IP address.

in addition to that, you can create an entry in the LMHOSTS file on windows PC from which you are trying to ping server with Netbios name. LMHOSTS is generally kept at c:\winnt\system32\drivers\etc. Once done, you should be able to ping server through Netbios name.

hope it helps ... rate if it does ...

cisconoval · ‎12-29-2006

thanks

we have tried already wiht LMHOST but it was unsuccessfull.

sourabhagarwal · ‎12-29-2006

are you able to ping through IP address?

if yes, then you need to check the WINS server as why it is not resolving Netbios to IP address.

cisconoval · ‎12-29-2006

Yes, we can ping through IP. Is any access-list need to configure to open the required ports?

Because some other servers are accessing this server through Netbios name. I couldn't check that network setup that is the issue now....

sourabhagarwal · ‎12-29-2006

I feel TCP ports 135-139 should be allowed if they are getting blocked by an ACL applied to any of the interface between servers.

check this URL to get more information.

http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm

pciaccio · ‎12-29-2006

Use the IP HELPER-ADDRESS command onthe interface with the windows client. This command forwards the NetBios UDP packets across differing networks...Please rate....

cisconoval · ‎01-10-2007

Please tell me what will happen if execute the below command.

Permit udp any any eq netbios-ns

Permit udp any any eq netbios-dgm

Permit udp any any eq netbios-ss

sourabhagarwal · ‎01-10-2007

This ACL is permitting any source network to access any destination network on netbios-ns, netbios-dgm, netbios-ss UDP ports. Rest all traffic will be denied by the ACL as there is always a implicit deny in access lists.

hope it answer your query .. rate if it does ..

cisconoval · ‎01-10-2007

Thks for your reply.

Is it equalent to enabling the port 135-139? as you said earlier..?

sourabhagarwal · ‎01-10-2007

I was looking at microsoft site and found that Netbios uses below TCP/UDP port numbers.

Network basic input/output system (NetBIOS) name service:- 137/tcp, 137/udp

NetBIOS datagram service:- 138/udp

NetBIOS session service:- 139/tcp

so we need to open these particular TCP/UDP ports in ACL. In your ACL, only UDP ports are permitted but few service use TCP port and not UDP, so we need to re-design ACL like this.

access-list 10 permit udp any any eq netbios-ns

access-list 10 permit tcp any any eq netbios-ns

access-list 10 permit udp any any eq netbios-dgm

access-list 10 permit tcp any any eq netbios-ss

OR

access-list 10 permit udp any any eq 137

access-list 10 permit tcp any any eq 137

access-list 10 permit udp any any eq 138

access-list 10 permit tcp any any eq 139

rest traffic will be deinied, make sure you add further permit statements to allow inside traffic to go outside depending on your requirement, otherwise traffic from inside will go for only these ports and other traffic will be blocked.

check this URL which tells about the specific ports used by NetBIOS.

http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx

cisconoval · ‎01-10-2007

Many Thanks for your suggestion. Will try this and let you know if its success..