Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


map a drive over internet

Posted on 2013-06-21
Medium Priority
Last Modified: 2013-09-29
How can i map a share driver over the internet without VPN?
I have windows 2003 file server.
local IP is NATed with public IP address
opened the port 445 and 139 on the Firewall
whe I try to map \\public_IP_addreess\Share name, it asks for the user ID and Password.
But it doesn't accept domain admin or Domain normal or local account.
Please help
Note NO VPN and Expanddrive can't be used
Question by:mehannu1
  • 5
  • 4
  • 2
  • +1
LVL 12

Expert Comment

ID: 39265995
your missing a step or 2

mappped drives are for networks
in order to map a drive in different locations...
first you must connect the networks
as you mentioned with something like a VPN

does that mean you can not connect without a VPN -
not necessarily  there are other methods
you can connect to a remote location
(RDP-LOGMEIN-etc) and then remtely access a resource
plus there are many other options
you can make a publi share
advertise it
and then have your ISP resolve that share

Author Comment

ID: 39266078
Not clear about the solution.

RDP or Logme in can't be used.
We wanted connected to a share drive from Outside of our network over the publick IP address which is NATed to the local IP of the file server.
\\10.120..x.x\Share name
we wanted to do the same thing on the same server from Outside of our network
\\207.x.x.x\Share name

when we do that it asks for user id and password. But it doesn't accept it
LVL 12

Expert Comment

ID: 39266694
not meant to be used like that

you could possibly use a share via web or ftp


or 3rd party app like hamachi or webdrive

but not directly like your trying

not to mention the serious security issues

can it be made to work...maybe
possibly with port forwarding to fileshares
and if ISP does not block these ports
which they do
because every new virus / malware attacks these known ports

imho stay away - try a 3rd party tool - many are free
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.


Accepted Solution

Allen White earned 1500 total points
ID: 39267679
You're getting the logon prompt so you've got part of the connection. I think what you may be missing is just needing several more ports to be passed through and you should be set-

Along with port 139, open up the other 4 ports (135-138); port 138 specifically takes care of the browsing and logon.

Expert Comment

ID: 39267706
I agree with DarinTCH.  This is a serious security risk.

Expert Comment

by:Allen White
ID: 39268452
I agree with Darin as well that is a major security risk. However, to technically answer his question, you can use the ISP as the medium for your network connection given the suggestion I gave earlier. I confirmed this last night by setting up a 2003 server as the host and opening ports 135-139 on the firewall between the host and the client. The ISP that used in this lab setup is AT&T.

To the original poster, please let us know how it's progressing and if our suggestions helped.

LVL 12

Expert Comment

ID: 39270221
yes if you port forward those common ( and therefore troublesome ports)
but sometimes you need 445

and some have even gone webdav and 5005

so I guess I wanted you to know there are many other -- free - safer ways

and any Security - network or sysadmin worth his salt would NOT directly open these ports

Expert Comment

by:Allen White
ID: 39286354
I think he gets the picture that its not safe ;-) we don't know all the circumstances, this could be a lab setup.

*Regarding my test setup, I didn't use port forwarding. I used NAT and I simply allowed those ports through on my router. I tested this between 2 ISP service types -  the host on a home ISP and the client using the mobile cellular ISP. However, as you point out, for internet providers that don't have these ports open then forwarding is necessary.

Mehannu1, well to sum it up, you have a technical solution and also been given a number of safer/more secure recommendations as well :-)

So, how is the project working out thus far?

Author Comment

ID: 39318376
I've requested that this question be deleted for the following reason:

no longer needed
LVL 12

Expert Comment

ID: 39318377
But the question was answered in several comments
concern was expressed for obvious security issues
several direct solutions were provided
and several alternative solutions were provided
you might consider choosing the solution you liked or splitting the decision

as you mark the question complete it will be available for other EE users

Expert Comment

by:Allen White
ID: 39320641
option 3 - question answered by one or more expert comments

Reason: aside from security concerns, this post gave the technical answer

Additional info:

Reason: describes the setup and testing for solution

Expert Comment

by:Allen White
ID: 39531022
Also this site can do without the "me too" comments like the one from alizarraga1 since it added no value.

The site would also be better off if people like DarinTCH wouldn't post at all. Being that he was proven wrong then acted like a baby by constantly belittling the OP about security as well as his multiple comments on security after I have the correct answer just shows his immaturity and ignorance. A port doesn't make something insecure - it's the service running through that port that possibly affects how secure a connection is. Darin did you know you can remap port 139 to a VPN ?

Bottom line - we're here to provide technical answers, not to be judge and jury and ask why, but simply to answer how. Recommendations are welcome if the technical answer is given with it. But simply blabbing your not so humble and misinformed opinions does nothing to help and it only deters the OP from coming back to this site for help in the future.
You didn't even take the time to ask what his goals were or if it was a lab setup or anything. You were too focused on stroking your ego and tech savvy mad skillz which in the end just back fired on you and you were made to look like an idiot.

I hope neither you or alizarraga1 got any points. If possible, is give you negative points for your nonhelpful and over all ignorance that were only over shadowed by your poor attitude

To the OP: I'm embarrassed to be on the same site as these types of people, but please know that not everyone here is like that and I encourage you to keep active on the boards and forums here. Personally, I thought your question was a great one because not a lot of people are aware of what your issue addressed. You've done a great service by adding to the database here of other tricky questions which resulted in a solution that others like yourself will certainly benefit from.

Thanks again mehannu1!
And to DarinTCH - go outside and find a friend - learn how to interact with people without being a pompous elitest dick (and worst of all, you have nothing to be arrogant about) - once get some friends - and no doubt get your butt kicked in the process of correcting your social retardation - then come back and feel free to post and be constructive to the community.

If that caused a wound then why don't you pour some if your awesome "admin worth his salt" on it and go cry to your mother and beg her to enroll you in computer course. Until then, save us all from your verbal diarrhea

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question