Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

High Sierra + Remote SMB?

DJLC

DJLC

macrumors 6502a
Original poster
Jul 17, 2005
959
404
North Carolina
So one of my clients recently upgraded to High Sierra, and we've now got a major problem I can't get to the bottom of.

They have a remote office with a Mac Mini that needs to connect to a shared folder on a Mac Mini in the main office. Under Yosemite, this worked fine. We just forwarded port 548 in the router at the main office, and the remote Mac was able to connect over AFP.

After the upgrade, AFP is no longer usable due to the APFS file system. So I've been trying to get SMB to work. It works fine from other Macs in the main office; however, from the remote office, it completely refuses to connect. I've tried forwarding port 139 in the main office. I've also tried making the main office Mac Mini the DMZ host. However, no matter what I try, a remote Mac will refuse to connect to the main office Mac over SMB.

Is there some setting in High Sierra that prevents this? I've also tried to use Back to My Mac with no luck (and again, UPnP is enabled on the router). I need this to work. We have a static IP and a business class connection, so the ISP shouldn't be the issue. :(
 
DJLC

DJLC

macrumors 6502a
Original poster
Jul 17, 2005
959
404
North Carolina
cobracnvt said:
Is there a VPN involved?
Click to expand...

No VPN or anything fancy. The thing that makes me think it's something in High Sierra itself is that even when the Mac at the main office is set as a DMZ host, the connection fails. There's nothing in the firewall log to indicate a blocked connection.
 
chrfr

chrfr

macrumors G5
Jul 11, 2009
13,707
7,278
DJLC said:
No VPN or anything fancy. The thing that makes me think it's something in High Sierra itself is that even when the Mac at the main office is set as a DMZ host, the connection fails. There's nothing in the firewall log to indicate a blocked connection.
Click to expand...
SMB file sharing is nearly always blocked by ISPs as it used to be a primary means of allowing malware to spread between windows computers. You'll probably need a VPN to connect to a remote SMB server. Check with your ISP about which ports are blocked. I know Comcast definitely blocks those ports.
For example:
https://www.xfinity.com/support/articles/list-of-blocked-ports
 
  • Like
Reactions: DJLC
DJLC

DJLC

macrumors 6502a
Original poster
Jul 17, 2005
959
404
North Carolina
chrfr said:
SMB file sharing is nearly always blocked by ISPs as it used to be a primary means of allowing malware to spread between windows computers. You'll probably need a VPN to connect to a remote SMB server. Check with your ISP about which ports are blocked. I know Comcast definitely blocks those ports.
For example:
https://www.xfinity.com/support/articles/list-of-blocked-ports
Click to expand...

Ah, yes. Looks like AT&T IS blocking the SMB ports.

So let me modify my question — is there a way to use SMB on a non-standard port? That's actually what we did for AFP, but that's not working for SMB.

Scratch that — enabled VPN on the ASUS router + installed Tunnelblick. They're now able to connect via SMB over a VPN.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom