Linux / Windows: Error code: 0x80070035 cannot access and Error NT_STATUS_HOST_UNREACHABLE
While configuring SAMBA / CIFS and file sharing over the network, the following errors popup eventually after the HTPC is restarted. A bit baffling at first since SSH works just as it did before the restart. However the problems persist and look like this:
Windows cannot access \\192.168.0.14\HTPCBackupXFS
Check the spelling of the name. Otherwise, there might be a problem with your network. To try to identify and resolve network problems, click Diagnose.
Error code: 0x80070035
The network path was not found.
On the Linux side of the world, things looked different but the overall message was the same:
# smbclient -L 192.168.0.14 -U'root%SECRET'
Enter root@SECRET's password:
Connection to 192.168.0.14 failed (Error NT_STATUS_HOST_UNREACHABLE)
#
However, when I test using SSH I can reach 192.168.0.14 from 192.168.0.13. Both hosts sit on two separate, though connected, routers. Here's how to resolve this problem:
INVESTIGATION AND SYMPTOMS
Investigating the issue revolves around checking general port connectivity between the various systems. From 192.168.0.14 things look fine:
# telnet 192.168.0.13 445
Trying 192.168.0.13…
Connected to 192.168.0.13.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
#
From 192.168.0.13 things look different:
# telnet 192.168.0.14 445
Trying 192.168.0.14…
telnet: connect to address 192.168.0.14: No route to host
#
Doing a bit more digging through strace the same message shows up:
# strace smbclient -L 192.168.0.14 -U'root%SECRET' -vvvv 2>&1|more
connect(4, {sa_family=AF_INET, sin_port=htons(445), sin_addr=inet_addr("192.168.0.14")}, 16) = -1 EINPROGRESS (Operation now in progress)
connect(4, {sa_family=AF_INET, sin_port=htons(445), sin_addr=inet_addr("192.168.0.14")}, 16) = -1 EHOSTUNREACH (No route to host)
Doing a little bit more digging still using nmap, we see the following results:
# nmap -sT 192.168.0.14 -PN
Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-29 23:15 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00036s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 5.11 seconds
#
And after disabling iptables (firewall) on the HTPC+B system we've just built, we see the following while running the scan from 192.168.0.13:
# nmap -sT 192.168.0.14 -PN
Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-29 23:20 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00076s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
#
So now we know. The firewall configuration on the HTPC+B system is preventing access through anything other then SSH (port 22). This means then that our firewall is the issue and correct permissions need to be set. All of this brings us to the iptables post we've done earlier for a quick rule review. In all firewall configurations, it's good to only add exactly what you need, not more. In our case, we only need ports 139/tcp and 445/tcp but CIFS / Samba may also need 137/tcp and 138/tcp so we'll customize our rules accordingly:
# SAMBA / SMB / CIFS – WINDOWS SHARES
-A INPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -p tcp -m multiport –sports 137,138,139,445 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -p tcp -m multiport –dports 137,138,139,445 -j ACCEPT
-A INPUT -d 192.168.0.0/16 -s 192.168.0.0/16 -p udp -m multiport –sports 137,138,139,445 -j ACCEPT
-A INPUT -d 192.168.0.0/16 -s 192.168.0.0/16 -p udp -m multiport –dports 137,138,139,445 -j ACCEPT
Resulting in the expected output we want:
# smbclient -L 192.168.0.14 -U'root%SECRET' -vvvvv
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.10-116.el6_2]
Sharename Type Comment
——— —- ——-
HTPCBackupXFS Disk HTPC Linux XFS RAID6 Backup 3TB (Expendable to 4TB)
HTPCFileStorage Disk HTPC 1TB Network File Storage
HTPCFirstEntertainment Disk HTPC 200GB (Storage from First Entertainment HTPC)
HDR-SR7 Disk HDR-SR7 Sony Camcorder (60GB)
IPC$ IPC IPC Service (Samba Server Version 3.5.10-116.el6_2)
root Disk Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.10-116.el6_2]
Server Comment
——— ——-
Workgroup Master
——— ——-
#
And finally, to check with a quick port scan from 192.168.0.13 to ensure only what we added is seen and everything else is closed:
# nmap -sT 192.168.0.14 -PN
Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-30 10:21 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00032s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 1 IP address (1 host up) scanned in 989.00 seconds
#
Cheers,
Tom
[…] PostsLinux Pixma Printer Configuration: Canon Pixma iP4000 / iP4100Linux / Windows: Error code: 0×80070035 cannot access and Error NT_STATUS_HOST_UNREACHABLENT_STATUS_ACCESS_DENIEDLINUX / UNIX: Adding a new SATA harddrive using parted instead of fdisk. […]