Accessing Windows shared drives behind a router

I would like to move a Windows 2008 R2 server from the WAN side of a PfSense router to the LAN side (this is all on VMware Esxi 5.1).  But I still want clients on the WAN side to be able to access the shared drives of the server.

Outbound traffic on the router (LAN to WAN) is unrestricted.  I assume this involves using NAT to map ports on the WAN router IP to LAN IPs.  But what ports need to be opened?  How do the users on the WAN side set up their mapping.

This must be a common scenario.
Who is Participating?
bcrosby007Connect With a Mentor Commented:
You could use a VPN, which would be secure, but with a little more overhead. You could also use FTP.
If you do want to open ports on your router and Nat to a network share, you are basically opening your network to a ton of vulnerabilities. It can be done though. I think the MS filesharing ports are..
• Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139.
• Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UPD).
I would not recommend opening your router up though..
You could use WebDav to do this through IIS
dakota5Author Commented:
Based on your recommendation, I started reading about this.  Yes, it could work, but I need something simpler, with less overhead.  I have several workstations and servers to put behind a router.  There must be some standard way of doing this.
dakota5Author Commented:
Thank you for your precise answer.  Works perfectly.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.