On 31 Jan 2001, at 16:00, Jez Humble wrote:
> Although I know nothing about PIX, I can tell you why WINS works and file /
> print sharing doesn't. WINS uses port 137 whereas file/print sharing uses port
> 139. This explains your PIX log message: the faddr x.y.z.32/139 bit is where
> it's trying to get through on port 139 and can't.
>
> As I say, I've no idea how PIXs work, but try opening up port 139 from your
> internal network outwards. I don't know enough about SMB to tell you if you'll
> need to allow inward connections: I doubt it, so try without first.
I have opened 138 and 139 from internal to dmz and outside (but only to
hosts outside my firewall on my subnet), sorry I didn't mention that before. I
don't want to allow inward connections, and I've never had to do it before so I
don't think that's the problem. It may be to do with the outside machine
between connected to 2 routers and therefore it may be trying to send the
packets back out on the wrong gateway - the file sharing uses UDP which
could be why it's screwed up. I might have problems adding another gateway
to the machine.
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
