Windows 7 client cannot access remote file share

danc_101danc_101 Member Posts: 60 ■■□□□□□□□□
Hello,

I've got a Windows 7 RTM client connected to a wirless network (WPA2-PSK). Behind the wireless router is a PIX firewall and behind that is a NAS device (A WD World Edition 1TB drive, Internal IP 10.0.0.3 which is NATed through the PIX to Public IP 192.168.1.100).

Whenever I try to access the NAS device from the Windows 7 client connected to the wireless network I get the error :

Windows cannot access \\192.168.1.100\Public
Error code 0x80070035
The network path was not found

I can ping the NAS ok and the arp table on the client is correct. I can also telnet the NAS on port 80 (used for remote management)

I know my firewall access-lists are ok as I can access the NAS from a Windows XP wireless client which has the same IP.

There is no AV or security software on the Windows 7 client and the firewall is off for all profiles.

Anyone seen this error "0x80070035" before for this kind of setup ? Seems basic but I'm and MS Support are stuck..

Thanks

Dan

Comments

  • GAngelGAngel Member Posts: 708 ■■■■□□□□□□
  • ClaymooreClaymoore Member Posts: 1,637
    Windows 7, like Windows Vista, does not use LanManager authentication by default. Here is an excerpt from a previous post:


    When you say network filer I assume that means the home drives are located on a CIFS share on a NAS device, which is really just a version of Samba and Linux. For your Vista PCs to use these shares correctly you may have to change the LanManager Compatibility level in Vista. Vista does not use LM or NTLM for authentication by default, but the filer may only send LM or NTLM responses so Vista's settings need to be changed. This will basically 'downgrade' Vista's authentication mechanisms to work with the NAS filer software and can be done two ways:

    Group Policy:
    Computer Configuration - Policies - Windows Settings - Security Settings - Local Policies - Security Options
    Network security: LAN Manager authentication level
    You may need to change this to Send LM & NTLM - use NTLMv2 session security if negotiated for the most compatibility, but Send NTLM response only would be more secure so you should try it first

    Registry Edit
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\
    Set the lmcompatibilitylevel value to 2 which would be equivalent to the Send NTLM response only in the Group Policy setting

    After you change these settings, you will need to reboot.

    You must provide Windows account credentials when you connect to Exchange Server 2003 by using the Outlook 2003 RPC over HTTP feature
    LmCompatibilityLevel settings



    The LmCompatibilityLevel registry entry can be configured with the following values:
    • LmCompatibilityLevel value of 0: Send LAN Manager (LM) response and NTLM response; never use NTLM version 2 (NTLMv2) session security. Clients use LM and NTLM authentication, and never use NTLMv2 session security; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 1: Use NTLMv2 session security, if negotiated. Clients use LM and NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 2: Send NTLM response only. Clients use only NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 3: Send NTLMv2 response only. Clients use NTLMv2 authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 4: (Server Only) - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers refuse LM authentication, and accept NTLM and NTLMv2 authentication.
    • LmCompatibilityLevel value of 5: (Server Only) - Domain controllers refuse LM and NTLM responses, and accept only NTLMv2 responses. Clients use NTLMv2 authentication, use NTLMv2 session security if the server supports it; domain controllers refuse NTLM and LM authentication, and accept only NTLMv2 authentication.
  • danc_101danc_101 Member Posts: 60 ■■□□□□□□□□
    Thanks Angel / Claymore,

    I already had the LM auth level set on the Windows client.

    The strange thing is that sometimes the client can connect to the NAS but whenever I try a copy a file down back to the client the wireless network disconnects with error 0x80070035.
Sign In or Register to comment.