Community discussions

MikroTik App
 
User avatar
SamDrew
just joined
Topic Author
Posts: 3
Joined: Sat Jul 02, 2022 11:10 pm
Location: England, Surrey

Port Forwarding 445 & 139

Sat Jul 02, 2022 11:28 pm

Hello there!
I am very new to working with router OS and am hoping to port forward the SMB ports (specifically 445 and 139) to a File server so that it becomes publicly accessible across the internet.
My network is set up so that:

Internet -> Virgin Media Modem -> Mikrotik Router (RB2011UiAS-2HnD) -> Google Nest Wifi Mesh -> File Server

The google nest router is already setup so that it forwards these ports to the file server, so when connected to the Mikrotik router i can access the file server through the IP of the google nest router.
However, i am unable to access the file server through the public IP of the router :(
I have set up firewall rules on the Mikrotik router to accept connections through the SMB ports and NAT rules to forward them to the google nest router,
alas, no luck

Any help would be greatly appreciated :D
Thanks!

filter rules:
12 ;;; SMB:445
chain=input action=accept protocol=tcp in-interface=Internet src-port="" dst-port=445 log=no log-prefix=""
13 ;;; SMB:139
chain=input action=accept protocol=tcp in-interface=Internet dst-port=139 log=no log-prefix=""
14 ;;; SMB Test
chain=forward action=accept protocol=tcp dst-address=192.168.10.130 dst-port=445 log=no log-prefix=""

NAT rules:
5 ;;; SMB:445 Forwarding
chain=dstnat action=dst-nat to-addresses=192.168.10.130 to-ports=445 protocol=tcp in-interface=Internet dst-port=445 log=yes log-prefix="SMB:445 >> "
6 ;;; SMB:139 Forwarding
chain=dstnat action=dst-nat to-addresses=192.168.10.130 to-ports=139 protocol=tcp in-interface=Internet dst-port=139 log=yes log-prefix="SMB:139 >> "
 
R1CH
Forum Guru
Forum Guru
Posts: 1099
Joined: Sun Oct 01, 2006 11:44 pm

Re: Port Forwarding 445 & 139

Tue Jul 05, 2022 2:18 am

Many ISPs block these ports since they have typically been exploited by worms (Blaster, Sasser, etc).
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2990
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Port Forwarding 445 & 139

Tue Jul 05, 2022 4:16 am

bad idea to expose that ports to internet, many ISP block this traffic (i do) to avoid spreading and exploit of vulnerabilities

to user this kind of services remotely and securely the most common is to use a VPN
 
User avatar
devinganger
just joined
Posts: 10
Joined: Wed Jun 10, 2020 10:10 pm
Location: Monroe, WA, USA
Contact:

Re: Port Forwarding 445 & 139

Tue Jul 05, 2022 5:58 am

Many ISPs block these ports since they have typically been exploited by worms (Blaster, Sasser, etc).
Absolutely. And even if the OP's ISP is willing to do it, it's a fair bet that all of their upstreams are filtering those ports as well to keep those services from becoming malware-filled jumpboxes.
 
mada3k
Long time Member
Long time Member
Posts: 687
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: Port Forwarding 445 & 139

Tue Jul 05, 2022 11:41 am

Running SMB over Internet sounds like a horrible idea. Not even sure it will work behind NAT at all.

Use some VPN tunneling at least.

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot], Majestic-12 [Bot], raphaps and 80 guests