Windows - Allow UNC File Sharing through a LAN or VPN connection How to access to shared folders, files and printers over a LAN or VPN connection such as OpenVPN, PPTP, L2TP, IPKSEC and so

Impostare il login automatico su Windows con AutoLogon

This article is part of a series of tutorial posts I wrote on configuring a cloud data center on Aruba Cloud using the Cloud PRO service model: a typical IaaS public cloud environment, not too different from Amazon AWS, Google Cloud Platform and MS Azure approach in terms of overall logic.

DISCLAIMER: This website is not affiliated with Aruba; this article represents the free opinion of the author and has not been commissioned or sponsored in any way.

In this post we'll talk about one of the common issues that we could likely face when we try to activate the file system sharing through the internal LAN, so that servers (and/or VPN users) could access the shared folders using the Windows File Explorer.

Here's a list of steps that we need to do in order to make it happen:

  • Share some folders between the various Windows servers, thus enabling their File and Printer Sharing feature on their NIC interface(s).
  • Add a couple Firewall rules to allow traffic from both the LAN and VPN interfaces to any LAN destination.
  • Open the Windows Firewall ports for file sharing (135-139 and 445 TCP/UDP), which can be easily done by allowing the File and Printer Sharing and File and Printer Sharing over SMBDirect apps to communicate through Windows Firewall (as shown in the screenshot below).

Windows - Allow UNC File Sharing through a LAN or VPN connection

If we do all that, there's a high chance that we'll be able to connect to the shared folders without issues. However, there could be an edge-case scenario where, instead of accessing the shared resources, we'll be greeted by the following errors:

An error occurred while connecting to address \\<LAN-IP>\<SHARED-FOLDER>\.

The operation being requested was not performed because the user has not been authenticated.

Windows - Allow UNC File Sharing through a LAN or VPN connection

You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.

Windows - Allow UNC File Sharing through a LAN or VPN connection

If you're getting one of the above error messages (or both) on one or more Windows machines, even if you've followed the above steps, there's a good chance you're also hitting that same issue.

These errors was caused by a non-trivial configuration issue that took some valuable time to fix; luckily enough, in my scenario, those two errors were both showing up, thus giving me additional hints. The second message greatly helped me to understand where the problem actually was because it led me to check the local group policies using the Local Group Policy Editor, where I eventually found this:

Windows - Allow UNC File Sharing through a LAN or VPN connection

After looking at it, I immediately understood that the problem was due to the Guest account being A) enabled and B) blocked from accessing the local server from the network. As soon as I disabled the guest account, the "deny access" policy above automatically changed its status to "empty", thus allowing me to connect to the shared folders: problem solved!

Conclusion

That's it, at least for now: I hope that this small advice will help other system administrator that are looking for a way to fix their issue with shared folders while dealing with similar environments.

About Ryan

IT Project Manager, Web Interface Architect and Lead Developer for many high-traffic web sites & services hosted in Italy and Europe. Since 2010 it's also a lead designer for many App and games for Android, iOS and Windows Phone mobile devices for a number of italian companies. Microsoft MVP for Development Technologies since 2018.

View all posts by Ryan

One Comment on “Windows - Allow UNC File Sharing through a LAN or VPN connection How to access to shared folders, files and printers over a LAN or VPN connection such as OpenVPN, PPTP, L2TP, IPKSEC and so

  1. Hi,

    My problem is I can access files over VPN on the windows host using it’s IP address in Windows Explorer but I can’t use the hosts name (windows computer name) and none of the windows computers on the VPN side show up in Window Explorer under Network. Only computer on my local network show there. I’ve tried enabling the “Use remote default gateway” option in the VPN’s TCP/IP config. but the remote computers still don’t show up in Windows Explorer, however I can refer to them via their IP addresses and view any shared folders on those computers that way. Do you know why this might be the case?

    Thanks
    John

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.

This site uses Akismet to reduce spam. Learn how your comment data is processed.