SMB Multichannel - blocked firewall connections to non routable Server NICs

A

a_g_w

Hi..

our gateway firewall logs many blocked client connections to two of our file server NICs. Both NICs are dedicated for Backup and iSCSI Traffic usage and located in different networks. Only one NIC should handle the SMB Client/Server traffic. I've already tried to disable multichannel on the client and server side but the client has still tried to call the non reachable server IPs via Port 445. Is it possible to force SMB to use only one dedicated Server NIC or is this the default design behavior, that always any connected Server NIC will be provided to the Client side?

Server: Win Server 2016, 3 x 1 GbE NICs

Client: Win 10 1803, 1 x 1 GbE

Sample:

Get-SmbMultichannelConnection on the client side, results in a list of all three Server NICs:

Server Name Selected Client IP Server IP Client Interface Index Server Interface Index
----------- -------- --------- --------- ---------------------- ------------------
FILESERVER True 192.168.10.12 192.168.10.96 5 14
FILESERVER True 192.168.10.12 192.168.11.96 5 4
FILESERVER True 192.168.10.12 192.168.12.96 5 11


The Firewall log contains blocking entries to 192.168.11.96:445 and 192.168.12.96:445.


Any Ideas?

Alex

Continue reading...
 
You must log in or register to reply here.

Similar threads

J
Event ID: 30822 Failed to establish an SMB multichannel network connection.
Replies
0
Views
360
J388181
J
B
SMB 3 Multichannel: File transfer speeds between multiple Gbit links and one 10Gbe link
Replies
0
Views
272
bitrotten
B
R
New 2016 Hyper-V cluster hosts with sporadic sluggish performance/network latency (every two hours)
Replies
0
Views
376
Ross Aveling
R
B
RRAS to Azure VPN, IP forwarding not working
Replies
0
Views
513
Bardo33
B
T
Windows Server 2016 FTPs behind a load balancer.
Replies
0
Views
233
Tom Thi
T
Back
Top Bottom