NetBIOS is required to allow Windows operating systems to browse for resources on a network (eg: LAN/DMZ/WLAN, etc.).
Two steps are needed to resolve this issue:
Step 1: Modify the existing WLAN to LAN Deny access rule to Allow.
Step 2: Adding IP Helper Policy for NetBIOS.
In SonicOS Enhanced the IP Helper feature helps broadcast/multicast packets to cross a firewall’s interface and be forwarded to other interfaces based on policy. IP Helper NetBIOS Policy allows you to forward NetBIOS broadcasts from one interface to another interface. The IP Helper NetBIOS relay acts specifically on UDP 137 (NetBIOS Name Service) and UDP 138 (NetBIOS Datagram) broadcast traffic to enable broadcast node (b-node) style name resolution (e.g. Network Neighborhood) across subnet boundaries.
Scenario:
In the following scenario the X0 interface is configured in the LAN zone with IP address 192.168.168.168/24 and the X2 interface is configured in the WLAN zone with an IP address 172.16.32.1/24.
Resolution:
Step 1: Modify the existing WLAN to LAN Deny access rule to Allow.
Note: Traffic from the wireless network to wired network (LAN) is blocked by default. However, users can change this restriction by changing the default rule in the Sonicwall UTM appliance. This will enable them to allow either all or some traffic between the wireless and wired network.
1. Login to the SonicWALL Management Interface
2. On the Firewall > Access Rules page, display the WLAN > LAN access rules.
3. Click on the configure button on the far right side of the rule.
4. Change the Action from Deny to Allow.
5. Click OK.
Step 2: Adding an IP Helper Policy for NetBIOS from WLAN to LAN subnets and vise versa.
|
1. Login to the Sonicwall management interface.
2. Navigate to the Network > IP Helper page.
3. Select the Enable IP Helper checkbox and click Apply.
4. Select the Enable NetBIOS Support checkbox and click Apply.
5. Click the Add button below the IP Helper Policies table. The Add IP Helper Policy window is displayed.
6. Select NetBIOS from the Protocol menu.
7. Select WLAN Subnets from the From menu.
8. Select LAN Subnets from the To menu.
9. Enter an optional comment in the Comment field.
10. Click OK to add the policy to the IP Helper Policies table.
|
 |
Please Note: Follow the above mentioned steps and create another policy from LAN to WLAN subnets.
Conclusion:
With these policies in place Wireless clients will be able to connect to the LAN segment using NetBIOS names and browse shared resources. Likewise, wired computers on the LAN segment will be able to connect to the wireless clients using NetBIOS names.
Some troubleshooting considerations:
1. Make sure the Wireless client and the computer being accessed has File and Printer Sharing enabled under Network Adapter Properties.
2. Make sure the Windows Firewall or any other Personal Firewall/Anti-virus application is disabled.
3. On the wireless network adapter enable NetBIOS over TCP/IP. (Refer: http://technet.microsoft.com/en-us/library/bb727013.aspx)
No comments yet.
Leave a comment