Firepower: Cannot go down in the folder struture of a SMB share mapped through the Firepower

swscco001 · ‎07-26-2021

Hello everybody,

we have a weird issue in connetion with Firepower.

The customer wants to access from his Windows 10 clients through
his Firepower to a SMB share on Linux devices represented by a FQDN.

After allowing the necessary applications and ports (see attached) he
can map the SMB share on his Windows clients. The problem is that he
cannot go down in the folder stucture (see attached) if the requests comes

from certain network but from the other there is no problem. The Windows
permissions are 'full access' to 'everyone' (see attached).

In the Firepower connections events log I don't see any blocks between
the client IP and the IP adresses represented by the FQDN at all.

My question is: Is it necessary to allow further applications and ports
on the Firepower FMC to be able to go down on the mapped SMB share or
is this an issue on the SMB share on Linux or the Windows client?

What are your thoughts and hints?

Every information is very welcome.

Thanks a lot!

Bye
Rene

Marius Gunnerud · ‎07-26-2021

A quick way to identify if the issue is with the Firepower rule is to configure a rule between a specific IP of a test PC and the SMB server and allow all traffic. If you are able to dive deeper into the file structure there is an issue with the firepower rule, if you are still not able to browse the folder there is an issue with the server or perhaps permissions.

--
Please remember to select a correct answer and rate helpful posts