Solved

map a drive over internet

Posted on 2013-06-21
13
552 Views
Last Modified: 2013-09-29
How can i map a share driver over the internet without VPN?
I have windows 2003 file server.
local IP is NATed with public IP address
opened the port 445 and 139 on the Firewall
whe I try to map \\public_IP_addreess\Share name, it asks for the user ID and Password.
But it doesn't accept domain admin or Domain normal or local account.
Please help
Note NO VPN and Expanddrive can't be used
0
Comment
Question by:mehannu1
  • 5
  • 4
  • 2
  • +1
13 Comments
 
LVL 12

Expert Comment

by:DarinTCH
ID: 39265995
your missing a step or 2

mappped drives are for networks
in order to map a drive in different locations...
first you must connect the networks
as you mentioned with something like a VPN

does that mean you can not connect without a VPN -
not necessarily  there are other methods
you can connect to a remote location
(RDP-LOGMEIN-etc) and then remtely access a resource
plus there are many other options
you can make a publi share
advertise it
and then have your ISP resolve that share
0
 

Author Comment

by:mehannu1
ID: 39266078
Not clear about the solution.

RDP or Logme in can't be used.
We wanted connected to a share drive from Outside of our network over the publick IP address which is NATed to the local IP of the file server.
Eg;
\\10.120..x.x\Share name
we wanted to do the same thing on the same server from Outside of our network
\\207.x.x.x\Share name

when we do that it asks for user id and password. But it doesn't accept it
0
 
LVL 12

Expert Comment

by:DarinTCH
ID: 39266694
not meant to be used like that

you could possibly use a share via web or ftp

www.mydomain.com/sharetest

or 3rd party app like hamachi or webdrive

but not directly like your trying

not to mention the serious security issues

can it be made to work...maybe
possibly with port forwarding to fileshares
and if ISP does not block these ports
which they do
because every new virus / malware attacks these known ports

imho stay away - try a 3rd party tool - many are free
0
 
LVL 1

Accepted Solution

by:
Allen White earned 500 total points
ID: 39267679
You're getting the logon prompt so you've got part of the connection. I think what you may be missing is just needing several more ports to be passed through and you should be set-

Along with port 139, open up the other 4 ports (135-138); port 138 specifically takes care of the browsing and logon.
0
 
LVL 1

Expert Comment

by:alizarraga1
ID: 39267706
I agree with DarinTCH.  This is a serious security risk.
0
 
LVL 1

Expert Comment

by:Allen White
ID: 39268452
I agree with Darin as well that is a major security risk. However, to technically answer his question, you can use the ISP as the medium for your network connection given the suggestion I gave earlier. I confirmed this last night by setting up a 2003 server as the host and opening ports 135-139 on the firewall between the host and the client. The ISP that used in this lab setup is AT&T.



To the original poster, please let us know how it's progressing and if our suggestions helped.

Thanks,
Allen
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 12

Expert Comment

by:DarinTCH
ID: 39270221
yes if you port forward those common ( and therefore troublesome ports)
but sometimes you need 445

and some have even gone webdav and 5005

so I guess I wanted you to know there are many other -- free - safer ways

and any Security - network or sysadmin worth his salt would NOT directly open these ports
0
 
LVL 1

Expert Comment

by:Allen White
ID: 39286354
I think he gets the picture that its not safe ;-) we don't know all the circumstances, this could be a lab setup.

*Regarding my test setup, I didn't use port forwarding. I used NAT and I simply allowed those ports through on my router. I tested this between 2 ISP service types -  the host on a home ISP and the client using the mobile cellular ISP. However, as you point out, for internet providers that don't have these ports open then forwarding is necessary.

Mehannu1, well to sum it up, you have a technical solution and also been given a number of safer/more secure recommendations as well :-)

So, how is the project working out thus far?
0
 

Author Comment

by:mehannu1
ID: 39318376
I've requested that this question be deleted for the following reason:

no longer needed
0
 
LVL 12

Expert Comment

by:DarinTCH
ID: 39318377
@mehannu1
But the question was answered in several comments
concern was expressed for obvious security issues
several direct solutions were provided
and several alternative solutions were provided
you might consider choosing the solution you liked or splitting the decision

as you mark the question complete it will be available for other EE users
0
 
LVL 1

Expert Comment

by:Allen White
ID: 39320641
option 3 - question answered by one or more expert comments

html#a39267679
Reason: aside from security concerns, this post gave the technical answer

Additional info:
html#a39286354

Reason: describes the setup and testing for solution
0
 
LVL 1

Expert Comment

by:Allen White
ID: 39531022
Also this site can do without the "me too" comments like the one from alizarraga1 since it added no value.

The site would also be better off if people like DarinTCH wouldn't post at all. Being that he was proven wrong then acted like a baby by constantly belittling the OP about security as well as his multiple comments on security after I have the correct answer just shows his immaturity and ignorance. A port doesn't make something insecure - it's the service running through that port that possibly affects how secure a connection is. Darin did you know you can remap port 139 to a VPN ?

Bottom line - we're here to provide technical answers, not to be judge and jury and ask why, but simply to answer how. Recommendations are welcome if the technical answer is given with it. But simply blabbing your not so humble and misinformed opinions does nothing to help and it only deters the OP from coming back to this site for help in the future.
You didn't even take the time to ask what his goals were or if it was a lab setup or anything. You were too focused on stroking your ego and tech savvy mad skillz which in the end just back fired on you and you were made to look like an idiot.

I hope neither you or alizarraga1 got any points. If possible, is give you negative points for your nonhelpful and over all ignorance that were only over shadowed by your poor attitude

To the OP: I'm embarrassed to be on the same site as these types of people, but please know that not everyone here is like that and I encourage you to keep active on the boards and forums here. Personally, I thought your question was a great one because not a lot of people are aware of what your issue addressed. You've done a great service by adding to the database here of other tricky questions which resulted in a solution that others like yourself will certainly benefit from.

Thanks again mehannu1!
And to DarinTCH - go outside and find a friend - learn how to interact with people without being a pompous elitest dick (and worst of all, you have nothing to be arrogant about) - once get some friends - and no doubt get your butt kicked in the process of correcting your social retardation - then come back and feel free to post and be constructive to the community.

If that caused a wound then why don't you pour some if your awesome "admin worth his salt" on it and go cry to your mother and beg her to enroll you in computer course. Until then, save us all from your verbal diarrhea
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

This article covers how to install the Microsoft Windows Operating System (OS). What is covered in this article:  > Different Versions and Editions of the Windows OS  > Upgrading versus Fresh Installation of the OS           - Steps to take pr…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now