When I tried to connect file share to my windows laptop, it said that port 445 is blocking.
Please help me to solve this problem.
Thank you for your kind help.
Error:
if ($connectTestResult.TcpTestSucceeded) {
# Save the password so the drive will persist on reboot
cmd.exe /C "cmdkey /add:`"storagetestmy3.file.core.windows.net`" /user:`"localhost\storagetestmy3`"
/pass:`"ZvWYXdvAkX112rT8k2MxQLqlcDi1oA EZNNoGeQ2Bv88DDUWFdtcmbXXfKk/mHNMlw1TDVX3Vrkb AStoh/kOQ==`""
# Mount the drive
New-PSDrive -Name Z -PSProvider FileSystem -Root "\\storagetestmy3.file.core.windows.net\fileshare3" -Persist
} else {
Write-Error -Message "Unable to reach the Azure storage account via port 445. Check to make sure your organization
or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a
different port."
} : Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not
blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port.
CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException
CodePudding user response:
As Per the MSFT Doc of 445 Port blocked by Windows File Connection to Azure File Share,
Your client OS should support SMB 3.0. Make sure this
SMB Direct
option is enabled in your windows system.Run this command
Test-NetConnection
in the Windows PowerShell where you should get thePingSucceeded
asTrue
. This test is to verify the port 445 is blocking by your ISP or VPN.
If your test result is False
, then port 445 (TCP Outbound) needs to be opened by your ISP or the firewall.
Another way to test that the port 445 is blocking by the firewall or ISP, using the AzFileDiagnostics tool.
Reason:
From outside the region or datacenter, Azure Files only allows SMB 3.0 with encryption support connections.
Due to some historical reasons of vulnerabilities found in lower SMB versions, port 445 has been blocking by the ISPs or System Firewalls or Organizations.
Alternative Ways to connect to Azure File Share from the Windows System:
- You can setup a Point to Site VPN to your Azure File Shares. Refer this GitHub article for setting up P2S VPN.
- From your local machine, you can mount the file share using the SMB 3.0 Protocol.
- You can use tools like Azure Storage Explorer to access files in your file share.
Example: Generate SAS URL of your Azure File Share from the Storage Account.
Open Azure Storage Explorer and Sign into Storage account using SAS URL: Select the SAS URL option in the next windows and paste the URL copied from Azure Storage account portal and click on connect.
Result:
- You can use Storage Client libraries, REST APIs, PowerShell, or Azure CLI to access your files in the Azure file share from your application.