Azure file shares could not be accessed | Port 445

Ashokan Sivapragasam picture Ashokan Sivapragasam · Mar 28, 2019 · Viewed 9.9k times · Source

I have setup Azure Storage Files, I have added a couple of firewall rules in my dev machine to open the port#445. But I could not access my file shares now. It does not respond to ping command as well.

But I am able to access the same file shares from Azure VM IaaS Servers. Is there something I missed?

Answer

Nancy Xiong picture Nancy Xiong · Mar 28, 2019

It's not recommended to directly use PING command to verify network connectivity to a public DNS name or IP address as usually PING is forbidden. You could use PowerShell command Test-NetConnection -Port 445 -ComputerName somestoragexxx.file.core.windows.net to verify the port 445 on the dev machine.

If this TCP 445 connectivity fails, properly you could check the ISP or your on-premise network security is not blocking outbound port 445. Please note that you should open outbound port instead of inbound port 445.

As a test result, on my local machine, TCP test port 445 is false. enter image description here

On the Azure VM, TCP test port 445 is true, and I could access the storage file share successfully. enter image description here

Additionally, port 445 always is not allowed to access over the Internet. You could use different ways to access files in Azure Files.

You can mount the file share on your local machine by using the SMB 3.0 protocol, or you can use tools like Storage Explorer to access files in your file share. From your application, you can use storage client libraries, REST APIs, PowerShell, or Azure CLI to access your files in the Azure file share.