using SMB over VPN to a azure VM with windows 2012 R2

Reshef Katz | CyberGymIEC 0

Hello, after recently migrating my server environment to azure, which consists of windows server 2012 R2 servers mostly, I am having difficulties using SMB, the developers used the \<server-IP-address\c$ share in the past. I believe I know the cause of the issue, and am looking to hear if there is anyway around it.... since I am able to make the connection with a windows server 2022 without issues, and also connecting between the servers in azure is fine, my only conclusion is that it has an issue with the VPN connection, seeing that both the azure VPN client, and my site2site connection (between a checkpoint and vpn gateway) fail to make the connection it leads me to think that server 2012 R2 does not support SMB 3.0 over encrypted data and that the 3.1.1 that the server 2022 supports does. things I have tried include, disabling the windows firewall, changing GPO policies according to different guides I have found, and copying all the different SMB server configurations between the servers. on another note, I have used tcpdump on the different connections to spot the what might be going wrong, and I had noticed that the connection that fails, gets [S] and [S.] and [R.] flags, while the successful one doesn't. open for thoughts and ideas, and prayers

Dillon Silzer 57,406 Reputation points

2024-01-17T20:13:55.0033333+00:00

Do you have another server in Azure that is in the same RG/subnet as this server? What happens when that Windows server/client tries SMB?
Reshef Katz | CyberGymIEC 0 Reputation points

2024-01-18T07:16:55.6966667+00:00

Yes, as described, the same RG/subnet has a few servers, but if we focus on 2, one is windows 2012R2 and another server2022, between the 2 servers the SMB works fine. from the on-premises to the server2022 the SMB works fine. issues occurs only between server2012R2 and VPN\S2S connected users.
Dillon Silzer 57,406 Reputation points

2024-01-20T17:59:54.77+00:00

What solution are you using to control who has access to your servers? NSGs? Azure Firewall?
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
KapilAnanth-MSFT 45,111 Reputation points Microsoft Employee

2024-01-31T06:20:36.39+00:00

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you would like to know if SMB 3.0 (with Windows Server 2012 R2) is supported over S2S/P2S or not.

To troubleshoot the exact issue, we will need a specialized 1:1 session, where a support engineer can investigate the logs, do a Lab and isolate the issue.

If you have a support plan you may file a support ticket, else please do let us know, we will try and help you get a one-time free technical support.

Cheers,

Kapil
Reshef Katz | CyberGymIEC 0 Reputation points

2024-02-01T06:24:08.0066667+00:00

nothing acctuly, I have a simple site 2 site between a vpn GW and and on-prem checkpoint using ikev2, at this point at least.
KapilAnanth-MSFT 45,111 Reputation points Microsoft Employee

2024-02-02T05:22:09.5566667+00:00

@Reshef Katz | CyberGymIEC

Thanks for the info.

So I take it that you would like to know if SMB 3.0 (with Windows Server 2012 R2) is supported over S2S with IKEV2 using Azure VPN Gateway or not.

As mentioned, it is recommended to open a support incident so the Engineer can collect captures and pinpoint the issue.

Cheers,

Kapil.

Share via

using SMB over VPN to a azure VM with windows 2012 R2

Your answer