Solved

Mapping a network drive outside LAN problem

Posted on 2003-11-04
16
1,783 Views
Last Modified: 2010-03-18
Hi,

I am trying to map a network drive outside my LAN without any luck. The machine I need to map is a Dell Powervault NAS server in a datacentre somewhere.


net use \\xxx.xxx.xxx.xxx\map$ /user: administrator


I tried mapping it from my office: no problem at all. I try to map it from my home and I keep getting the error: System error 53 has occurred. The network path was not found.

Now, I CAN ping the machine. I can login to it with Terminal Services. And, I try the same from my office (which isn't in the ip range either or something) and it works fine. I'm really a novice when it comes to these things apparently. Is there any setting I missed. Does the target server have an entry of my office's router ip address and not the one I have at home (and thus restricts access or something). Both client machines have winXP. Disabling firewalls etc didn't help. What am I doing wrong?

Thanks!!

Razzie
0
Comment
Question by:Razzie_
  • 7
  • 6
  • 2
  • +1
16 Comments
 
LVL 5

Expert Comment

by:juliancrawford
ID: 9683562
I would first try to authenticate via the command prompt.
>net use \\xxx.xxx.xxx.xxx\ipc$ "mypass" /u:administrator
<--substitute the administrator password for mypass

then try to map the drive
>net use * \\xxx.xxx.xxx.xxx\map$
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9685442
Hi, thnx for your comment.

Unfortunately, I still get the exact same error when trying to authenticate doing it in exactly the same way. Thanks though.

Any other suggestions?

Razzie
0
 
LVL 5

Assisted Solution

by:juliancrawford
juliancrawford earned 50 total points
ID: 9686668
are you sure that port 139 or 445 is open on the pc you are trying to access?
Sounds like a firewall could be in the way.
if you have a port scanner test to see if 139 or 445 is open - they are needed for mapping.
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9687693
I believe so, I mean, should it make a difference since I am able to connect to it from my office? The necessary ports should be open then I guess?

I believe it has something to do with the server accepting incoming connections only from known ip addresses or something? But I couldn't find settings like that.... going crazy about this since I *have* to be able to map the drive!

I increased the question with 30 points (all I got)...
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9693248
Port 139 would be one of the ports that would be blocked from the Internet as it a vulnerability. I suggest you take up juliancrawford's advise & scan the ports to see if they're open.

You office network is local & is considered a trusted environment, so there shouldn't be much of an issue. However, if you're coming into the office network from the Internet, which I assume you're using VPN, then there'll most probably be a firewall in between. So even though your server might not be blocking the traffic coming in from the Internet on those particular ports, the firewall most probably would.
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9693308
Hi,

Thnx for the reply!!
I tried to telnet to port 139 on the server machine and couldn't connect. HOWEVER:

- My office is not local with the server machine. The server machine is in a seperate data centre. So I guess my office pc isn't considered trusted.
- I have full firewall clearance to reach every machine in the datacentre
- A colleague of mine tried to map the same machine from HIS home pc and HE could connect without a problem. His pc is as 'untrusted' as mine (but he has the same firewall clearance as mine)
- I tried to map to a server IN my office (so a whole different machine) and I couldn't connect to that one either?! Seems like I can't map ANY drive at all?

So I think it is safe to conclude that it is a problem with my machine and not the server?
Also, when I tried to connect using 'net use \\xxx.xxx.xxx.xxx\dir$ * /user:administrator' (notice that additional wildcard) it did ask me for a password this time? I am not quite familiar with the net use command, but does that mean anything?

Thans again,

Razzie
0
 
LVL 9

Expert Comment

by:svenkarlsen
ID: 9699389
I'd say: check with your ISP to verify that  they have not got any lock on that port.

  - and then borrow the pc from work and set it up at home just to test if it's your pc or your connection that's causing the trouble.

0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9700602
Since the error message is more of not being able to find the network path, it's most probably due to the client being unable to reach the host. Being able to ping doesn't mean the client can connect. Furthermore, for port 139, I don't think telneting to the port will provide you with a means of connection.

As suggested, by svenkarisen, check the ISP, unless your colleague's ISP is the same as yours. And if possible, try it with the same system as that in the office at home.

Btw, are you using a VPN connection for home access to the server ?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 8

Author Comment

by:Razzie_
ID: 9758221
I portscanned my ip address and both 139 and 445 were 'open'. I scanned the server machine and they were 'filtered'. What does filtered mean? Again, a colleague can map the drive, and I have the same 'clearance' as he. So I don't think it is a firewall issue. Does filtered has anything to do with incoming and outgoing ports? Since I contacted my ISP and they told me both ports are open, but some people said on the web that only the outgoing ports are blocked, not the incoming ports. I don't know how to check that :)

So basically, I still don't know what the problem is. I do not use VPN I guess? (I connect directly to the server machine). Next week I'll try to map a shared folder on my home pc from my office, see if that is possible. Also, I CAN map a drive on my LAN, just not on the web. Any... suggestions? Like other commands than 'net use' to check connectivity or something? Thnx!
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9758235
Btw, when I use the netstat util at the time I try to map the drive, it says 'SYN_SENT', and it never changes from that status. So I guess that means I sent a SYN packet but never receive an ACK? But that could still mean that the fault is with my pc and not the server?
0
 
LVL 5

Accepted Solution

by:
mapledrums earned 100 total points
ID: 9807827
Wierd, I never got an email stating that new comments were posted here...

What port scanning software did you use ? Filtered could mean that the ports are put through a access control list, etc. Probably a firewall in place somewhere. When you port scanned your machine, your ports are open as you don't block or firewall your ports. Btw, this isn't a good idea as it opens up your machine to malicious intents (viruses, etc) on the Internet, suggest that you get a personal/hardware firewall for your machine for home use.

As long as the ports are blocked, filtered, etc., there should be a firewall somewhere along the network. It might not be directly on your server. I have a feeling the firewall is most probably the one used by your data centre.

If the outgoing ports are blocked, that means that the packet comes into the server, but it's not able to go out of the server back to the client. As you mentioned, your colleague is able to connect to the server from his home, the differences in his case would be his login/password, ISP ip address range, PC configurations. I suggest you try logging into your home PC with his login credentials & try to map the drive. If anyone has a laptop that's able to map from home, try bringing that to your home to see if it works. From there, you should be able to narrow it down some more.

If you PC sent the SYN_SENT, that means that the packet went out to the server to establish a connection, however the reply never came back from the server. It could either mean that the server never got the packet or that it got the packet but was unable to send it back to the client. You can check which of the scenerio occurs by doing a netstat on the server after you try to map the drive.
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9809581
Thnx for the help.

I did a netstat on the server when I was mapping the drive and the connection was 'established'. So that would mean I can connect to the server, but he cannot reply to me right? Correct me if I'm wrong, but that would mean that I can get through the firewall? (which I always thought I could since this is confirmed by my network administrator of the office / datacentre) Since I login with the same credentials, (or let's say, from my office I can use all credentials I want and can still map the drive) I still don't know what it is :) Most likely some strange ISP problem or something...

Well, this has been going on long enough, too bad the real cause of this problem is still unknown to me, but thanks all for the great help. Since mapping the drive isn't such a priorit as I thought it to be, I'll close this :)
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9811273
Razzie_, have a look at this http://web.brandeis.edu/pages/view/Bio/FileSharingWindowsXP. It's be something to go on if you need it for further troubleshooting in future. We'll still be here if you need more help :)
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9811330
0
 
LVL 5

Expert Comment

by:mapledrums
ID: 9811414
If the connection was established on both ends (server & client), it just means that a session was created to enable communication, but it looks like the data isn't able to pass through. For windows file sharing, both TCP & UDP ports have to be open, if I'm not wrong.

Btw, it isn't a good idea ultimately to leave these ports open to the Internet. You should have a VPN in place for this.

Here is an article on why file sharing should be blocked: http://www.nacs.uci.edu/security/netbios.html
0
 
LVL 8

Author Comment

by:Razzie_
ID: 9861362
Hmm now I was the one not receiving the email of a reply :)

I appreciate your replies mapledrums. I'll certainly check the links and will check the port 137 :)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now