Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[FurryNutz]

Glad you got it working. Now your working in the same realm as all the rest of use. 

Enjoy. 

Yes that works!  In fact, just typing \\192.168.0.### into the Windows Explorer address bar brings up **all** the shared directories on the specified computer!!  This is very cool!!!

Would you please check me on the following conclusions:

1) I guess that means it's only Windows's computer-name resolution that's not working on the LAN.

2) Since name resolution would, I presume, normally be provided by NetBIOS, I would need to use NetBIOS over TCP/IP if and only if I want File and Printer Sharing to work normally.

3) You have given me a work-around that does not require NetBIOS as long as I know the IP addresses of all computers on the LAN (which I do through DHCP reservations, thanks to your earlier advice!).  Thus, no need for NetBIOS over TCP/IP at all!

4) Perhaps this is actually what the previously quoted KB, "Direct Hosting of SMB over TCP/IP," was trying to tell me.  In that case, I'm probably using only port 445 for file sharing instead of the old ports 137-139.  (I don't need to know how to apply this trick to printer sharing, since I'm not doing that right now...)

[jclarkw]

Or do you mean that "Host Name" (or perhaps the "Local Domain Name") on the router should be set the same as "Workgroup" on the computers?. Yes, LDN should be the same same has he HOST NAME for the Work Group name in Windows.

Do I understand you correctly that the "Workgroup" name on all the individual computers in my password-protected-sharing workgroup must also be entered in the Setup/Network Settings/"Local Domain Name (Optional)" field on the DIR-645?  Two reasons for questioning your advice here:

1) This does not appear to be necessary to reach the network shares.  I removed my workgroup name from this field with no ill effects so far.

2) This appears to be a security risk (albeit small) because there is another computer on my LAN (my wife's business computer) that is **not** a workgroup member.  However, ipconfig/all on her computer reveals my workgroup name when it is entered in the "Local Domain Name" field on the DIR-645.  Presumably her computer (and by extension any other computers that happen to attach to my LAN) is getting this name from the router.  This is why I removed it.

If you can check me on this, I'd appreciate it! -- jclarkw

[FurryNutz]

Its not required however putting the workgroup name in the router set the router in the same workgroup and helps shares and devices to connect between themselves better and any features the routers has, the PCs will have better access to. This is not a security risk.

[jclarkw]

...putting the workgroup name in the router set the router in the same workgroup and helps shares and devices to connect between themselves better and any features the routers has, the PCs will have better access to. This is not a security risk.

OK, thanks. -- jclarkw

[FurryNutz]

 

[jclarkw]

Please also let me take you back to the original topic of this thread for a second:  I'm reading through the DIR-645 firmware Web page again, and I'm still not clear on what traffic is being blocked automatically vs. manually.  I can tell from GRC's ShieldsUp probes that all "service ports" are "stealthed" to **inbound** traffic, but...

1) what about **outbound** traffic?  Specifically, are File and Printer Sharing (ports 137-139 and 445) requests **outbound** from LAN computers blocked from entering the WAN?  What about other ports?  (Obviously outgoing HTTP requests on port 80, SMTP traffic on port [unkown] POP3 requests on port(s) [unkown], and probably others must be allowed...)

2) How is this controlled?  Automatically?  Or can I specify such detailed directional port blocking somehow?

Still no progress on this question.  With "Direct Hosting of SMB over TCP/IP" implemented on both XP computers behind my router, GRC's ShieldsUp still reports that all "service ports" are "stealthed" to inbound traffic.  But I don't know how to tell whether/what **outbound** traffic is blocked by the router and how much control I have over that through its settings.  Am I missing something in the User Guide that explains all of this? -- jclarkw

[FurryNutz]

I believe SMB is mostly a LAN side traffic platform and usually does not go to the WAN side. You'd have to do a search on SMB for the specs on it. I know from my experiences with it, I only use it to connect to LAN side shares and devices.

[jclarkw]

I believe SMB is mostly a LAN side traffic platform and usually does not go to the WAN side. You'd have to do a search on SMB for the specs on it. I know from my experiences with it, I only use it to connect to LAN side shares and devices.

Sorry I'm being unclear.  What I'm trying to ask is how much detailed control the DIR-645 gives me over **outgoing** traffic?

All I can find in the User Guide that seems relevant is the single sentence, "Firewall rules can be used to allow or deny traffic passing through the router. You can specify a single port by utilizing the input box at the top or a range of ports by utilizing both input boxes," without any indication of where to find these boxes in the Web interface or whether they can be applied to outbound traffic. -- jclarkw

[FurryNutz]

Home routers give little or basic control over what goes out the ports and is usually automatic depending on the firewall rules, configuration and standards they build into the firewall engine.

[jclarkw]

Home routers give little or basic control over what goes out the ports and is usually automatic depending on the firewall rules, configuration and standards they build into the firewall engine.

OK, no way to know.  Thanks -- jclarkw

[FurryNutz]

 

[FurryNutz]

FYI:
http://forums.dlink.com/index.php?topic=60680.0