SSL VPN
Reply
Visitor
tdelfairiere
Posts: 7
Registered: ‎08-04-2011
0

WSAM - NT4 File sharing

Secure access 4500 - v7.1

Hi,
I'm trying to use wsam and Nas ( NT4 compatible). The NAS server is Netapp appliance which is configured with NT4 compatibility: the appliance only listen on TCP port 139 (Not 445).

When I browse the file shares from the lan, the communication uses TCP port 139.

I have configured SA wsam with "wsam Destination" and "Netbios Application". It seems wsam try only to connect on port 445. And so I have an error message on Windows : "The specified network name is no longer available".

Does it mean WSam only want to use TCP port 445 for file sharing and don't use port 139 if 445 is not available?

Thomas


Moderator Moderator
Moderator
RKB
Posts: 152
Registered: ‎09-22-2008
0

Re: WSAM - NT4 File sharing

With WSAM in destination mode you should be able to specify the server and the required ports. Try adding port 139 and 445, ensure that you have appropriate ACLs on the SA to allow these ports.

Visitor
tdelfairiere
Posts: 7
Registered: ‎08-04-2011
0

Re: WSAM - NT4 File sharing

WSAM destinations  and ACL are set with servers and TCP ports 139,445.

 

Laptop OS is windows XP, NT integrated, If I open a windows session with NT credential, I can't connect on file sharing

On an other AD integated Laptop If I open a windows session with AD credential, I can connect on file sharing.

In both cases I use the same Secure Access user with same roles (WSAM destinations etc.).

 

 

Visitor
alpohnse
Posts: 6
Registered: ‎01-31-2012
0

Re: WSAM - NT4 File sharing

Hi,

On your SAM policy did you set the netbios name of the file server or the IP address ?

 

Best Regards,

Moderator
zanyterp
Posts: 2,274
Registered: ‎11-19-2007
0

Re: WSAM - NT4 File sharing

Are both laptops configured to allow the 139 fallback? I know it is possible to disable it, though I am not sure on the details.  What does your WSAM debug log say? Event log?

Visitor
tdelfairiere
Posts: 7
Registered: ‎08-04-2011
0

Re: WSAM - NT4 File sharing

On the same laptop, with the same secure access account and the same roles:

If I open a windows session with a NT4 member login , and then launch secure access and WSAM, I can't access to the NAS server.

If I open a windows session with an Acitve Directory account, I can access to the NAS server.

(I set the netbios name in the wsam destinations).

Moderator
zanyterp
Posts: 2,274
Registered: ‎11-19-2007
0

Re: WSAM - NT4 File sharing

Hi tdelfairiere,

 

I would recommend opening a case with JTAC. I think WSAM should be able to fallback to 139 if 445 is not reachable; do you see any response from the server on 445 when you check the IVE TCP dump?

 

What do "NT4 member login" and "Active Directory account" refer to: the credentials you use to map the drive OR the credentials used to login to the PC?

Visitor
tdelfairiere
Posts: 7
Registered: ‎08-04-2011
0

Re: WSAM - NT4 File sharing

Hi,

 

I've opened a case.

 

When I use a Windows XP which is integrated in a NT4 domain, I can't reach the shares.

If I use a Windows XP which is integrated in a AD domain, I can reach the shares.

In the both cases, I use the same account (this account is part of an other directory, not a NT4 login or AD login) to log in the secure access, with the same roles and the same wsam profiles.

 

It seems the Windows XP which is integrated in a NT4 domain acts differently with netbios session serivce and in this case the WSAM proxy don't intercept the traffic.

 

Moderator
zanyterp
Posts: 2,274
Registered: ‎11-19-2007
0

Re: WSAM - NT4 File sharing

Ok, thank you.

The credentials used to login to secure access will not impact this in any way as that does not touch the credentials used for WSAM-based access; it does look like there is something different on the OS.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.