Goal: To access Windows 10 file shares, from Linux, over a VPN.
In this context: "server" is a simple Windows 10 machine, and "client" is Ubuntu 18.
I have an OpenVPN tunnel setup, connection seems good, can connect, ping the server, portscan provides correct results, and I can manually establish a telnet connection to port 135.
I am trying to mount a folder on linux, to the windows share, using CIFS, something I have done many times before - but not to this particular windows machine admittedly.
I am effectively using: mount -t cifs //server/share /mnt/share
but the result is always:
mount: /mnt/share: mount(2) system call failed: Connection refused.
dmesg/syslog show:
CIFS VFS: Error connecting to socket. Aborting operation.
CIFS VFS: cifs_mount failed w/return code = -111
I have tried nearly all the CIFS flags I can think of, including all security options. The actual current command I am using is:
sudo mount -v -t cifs -o vers=3.1.1,username=myuser,pass=mypass,servern=WINDESKTOP,sec=ntlmssp //10.8.0.1/share /mnt/share
Windows firewall is turned off, the the share, and folder, have full permissions for the user account I am trying to use, as well as guest
, anonymous login
.
I installed an FTP server on the server just to triple check connectivity, works find.
Why isn't CIFS connecting? Is there any way on the windows server to see exactly what it is doing to the connection? And/or is there anyway to get greater debugging output from CIFS on Ubuntu?
Edit:
A nmap -Pn <host>
portscan shows the following open ports:
PORT STATE SERVICE
135/tcp open msrpc
554/tcp open rtsp
2869/tcp open icslap
10243/tcp open unknown
Update/Solution:
The problem and a workaround were found. The answer below from @grawity alerts to the fact that server is not listening on port 445. The problem has nothing to do with OpenVPN or linux/CIFS
- Noted that the smb server service is not listening on port 445, this means
ms_server
component is not operational. ms_server
is the SMB server service, this is enabled/disabled by toggling the following checkbox in a device's network settings:File and Printer Sharing for Microsoft Networks.
- In this case the check box was already checked. Unchecking it and checking it again, fixes the issue, server listens on port 445, and file sharing works. But only temporarily, until the next reboot.
- This whole issue appears to be a known problem with Windows 10, caused by a reasonably recent Windows Update
- I was unable to find a clean solution, or real patch to the actual issue.
- One short-term workaround is to create a small script that effectively "unchecks and checks the box", and run when a user logs in.
The powershell commands to workaround this issue are:
Disable-NetAdapterBinding -Name "MyVPN" -ComponentID ms_server
Enable-NetAdapterBinding -Name "MyVPN" -ComponentID ms_server