Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)2Degrees Broadband blocking port 445?
tegraman

11 posts

Geek


#280349 10-Dec-2020 09:15
Send private message

We have 2Degrees business broadband in the office, and I am trying to access an Azure storage account. Mapping a drive to the account fails, and the cause is that port 445 is being blocked. 

 

The same thing works fine via my home ISP (Vodafone).

 

Does 2Degrees block port 445?

 

(I've tried asking 2Degrees directly via their contact page, but have had no response!)

Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Lovebug
16 posts

Geek
Inactive user


  #2619166 10-Dec-2020 09:24
Send private message

This is likely (almost certainly) due to CGNAT if it isn't a misconfiguration on your end. Although I would have thought that a business connection would have a static IP set. You will probably be forced to ask them for a static IP to resolve this.

 

 

 

 

 
 
 
 

Free professional, reference and technical white papers (affiliate link).
SaltyNZ
8068 posts

Uber Geek

Trusted
2degrees
Lifetime subscriber

  #2619168 10-Dec-2020 09:25
Send private message

We don't block anything, no. Check your router first. I'm not familiar with the connectivity requirements for an Azure store drive mapping. You may need to setup some port forwarding.

 

That said, we use CGNAT on individual broadband connections as do many providers, due to IPv4 addresses being an extremely finite resource. Although we go to some lengths to ensure it does not materially impact service, sometimes it can. If you are absolutely sure that your router isn't the problem, you could ask for a static IP address.

 

But check your router first. Alternatively you could try IPv6.

 

But check your router first.

 

 




iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.

NickMack
944 posts

Ultimate Geek

Trusted
Lifetime subscriber

  #2619208 10-Dec-2020 09:56
Send private message

SaltyNZ:

 

We don't block anything, no. Check your router first. I'm not familiar with the connectivity requirements for an Azure store drive mapping. You may need to setup some port forwarding.

 

That said, we use CGNAT on individual broadband connections as do many providers, due to IPv4 addresses being an extremely finite resource. Although we go to some lengths to ensure it does not materially impact service, sometimes it can. If you are absolutely sure that your router isn't the problem, you could ask for a static IP address.

 

But check your router first. Alternatively you could try IPv6.

 

But check your router first.

 

 

 

 

All business customers are assigned a static IP, so it will be a configuration item on your router or server/application configuration.

 

Nick




https://nick.mackechnie.co.nz | NZ ISP latency monitoring - https://smokeping.thenet.gen.nz 



tegraman

11 posts

Geek


  #2619229 10-Dec-2020 10:29
Send private message

The router is the Fritz!Box 7490 supplied by 2Degrees.

 

I can't see any settings via the Fritz!Box web interface that indicate any port blocking is in place. I can can see where that would be set up (Internet->Filters->Access profiles->Blocked Applications) but there's nothing there.

 

But then I found this: http://www.ab-weblog.com/en/open-ports-135-137-and-445-in-avm-fritzbox-routers/ 

 

... which says that some ports are blocked by default in these routers, and the only way to open the ports is to manually edit the config file.

 

I'll try this and report back.

cyril7
9049 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2619230 10-Dec-2020 10:29
Send private message

Hi, ummmmm are you trying to connect a direct SMB share over port 445 (which is SMB default port)? if so do you understand the security issues related with doing this, was this something Microsoft advised you to do?

 

Cyril

 

Edit, there is a very good reason the Fritz has those ports blocked by default, please understand to do SMB over the internet is not a safe thing to do.

 

 

tegraman

11 posts

Geek


  #2619261 10-Dec-2020 10:58
Send private message

Yes, Azure uses SMB 3.0 and this is how Microsoft advises users to map to their Azure file shares.

 

My understanding is that SMB 3.0 is internet-safe, while previous versions were not.

cyril7
9049 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2619278 10-Dec-2020 11:08
Send private message

Fair enough as long as you are aware that connecting to anything less than SMB3.0 shares is a major security risk, hence many ISPs and SOHO router vendors block it by default for very good reason.

 

Cyril 



c0ld
234 posts

Master Geek


  #2619403 10-Dec-2020 13:11
Send private message

tegraman:

 

The router is the Fritz!Box 7490 supplied by 2Degrees.

 

I can't see any settings via the Fritz!Box web interface that indicate any port blocking is in place. I can can see where that would be set up (Internet->Filters->Access profiles->Blocked Applications) but there's nothing there.

 

 

 

 

Internet->Filters->Lists->Global FIlter Settings 

 

You'll find 'NetBIOS filter enabled' setting in there. As mentioned previously, be mindful of risks if disabling.

freitasm
BDFL - Memuneh
78947 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2619410 10-Dec-2020 13:21
Send private message

Can I please ask exactly what you are trying to achieve? Are you trying to expose a file share from your LAN to the world? 

 

I am a bit confused because the Azure Files is the other way around and the documentation says port 445 should be open for outbound connections




Please support Geekzone by subscribing, or using one of our referral links: Mighty ApeSamsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup

 

My technology disclosure

cyril7
9049 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2619417 10-Dec-2020 13:26
Send private message

Hi, I think you will find the Fritz is blocking 445 outbound to stop users connecting to things they should not. I dont believe the OP intends to port forward 445 into his lan, well thats as I read it.

 

Cyril

tegraman

11 posts

Geek


  #2619446 10-Dec-2020 13:51
Send private message

Thanks everyone! To summarize:

 

- The Fritz!Box router was blocking port 445 outbound

 

- Unchecking: Internet->Filters->Lists->Global FIlter Settings->NetBIOS filter enabled opens the port

 

- But yes, I do need to consider the security implications!

 

 

 

Just a further comment: I take it that some of the above posters are from 2degrees. Does anyone actually check and respond to messages sent via the 2degrees support page? I asked the same question there more than 2 weeks ago, and got absolutely no response. Now I post the question on this public forum and get it sorted in a matter of hours.

SaltyNZ
8068 posts

Uber Geek

Trusted
2degrees
Lifetime subscriber

  #2619502 10-Dec-2020 14:48
Send private message

tegraman:

 

I take it that some of the above posters are from 2degrees.

 

 

 

 

I am, albeit I work in the mobile network, not the fixed. @NickMack was with us in the fixed network up till very recently.

 

 

 

 

Does anyone actually check and respond to messages sent via the 2degrees support page? I asked the same question there more than 2 weeks ago, and got absolutely no response. Now I post the question on this public forum and get it sorted in a matter of hours.

 

 

 

 

I believe they do; not sure why you didn't get any answer. Sorry!




iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.

dryburn
429 posts

Ultimate Geek


  #2619509 10-Dec-2020 15:15
Send private message

Also on two degrees an I have a similar issue with port 8081 and 32400 using a Fritxbox, it used to work earlier on in the year but stopped at some point. Using duckdns and ports are forwarded on the router. still been scratching my head trying to figure it out

c0ld
234 posts

Master Geek


  #2619531 10-Dec-2020 16:01
Send private message

dryburn:

 

Also on two degrees an I have a similar issue with port 8081 and 32400 using a Fritxbox, it used to work earlier on in the year but stopped at some point. Using duckdns and ports are forwarded on the router. still been scratching my head trying to figure it out

 

 

 

 

As you mention port forwarding (i.e incoming connectings) - are other port forwards still working? If not you've probably been migrated to CGNAT unless you've specifically requested a static IP.

dryburn
429 posts

Ultimate Geek


  #2622903 16-Dec-2020 16:48
Send private message

Yes it's CGNAT, I remember looking into this, but then got distracted. Called 2 degrees $10 for a static IP, they don't offer dynamic any more as an option :(

 

 

 

Which providers out there still offer dynamic IPs?

 1 | 2
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Synology DS925+ Review
Posted 23-Apr-2025 15:00

Synology Announces DiskStation DS925+ and DX525 Expansion Unit
Posted 23-Apr-2025 10:34

JBL Tour Pro 3 Review
Posted 22-Apr-2025 16:56

Samsung 9100 Pro NVMe SSD Review
Posted 11-Apr-2025 13:11

Motorola Announces New Mid-tier Phones moto g05 and g15
Posted 4-Apr-2025 00:00

SoftMaker Releases Free PDF editor FreePDF 2025
Posted 3-Apr-2025 15:26

Moto G85 5G Review
Posted 30-Mar-2025 11:53

Ring Launches New AI-Powered Smart Video Search
Posted 27-Mar-2025 16:30

OPPO RENO13 Series Launches in New Zealand
Posted 27-Mar-2025 05:00

Sony Electronics Announces the WF-C710N Truly Wireless Noise Cancelling Earbuds
Posted 26-Mar-2025 20:37

New Harman Kardon Portable Home Speakers Bring Performance and Looks Together
Posted 26-Mar-2025 20:30

Data Insight Launches The Data Academy
Posted 26-Mar-2025 20:21

Oclean AirPump A10 Portable Water Flosser Wins iF Design Award 2025
Posted 20-Mar-2025 12:05

OPPO Find X8 Pro Review
Posted 14-Mar-2025 14:59

Samsung Galaxy Ring Now Available in New Zealand
Posted 14-Mar-2025 13:52








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup



RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
Hatch
GoodSync
Backblaze backup
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright