Header Shadow Image


Linux / Windows: Error code: 0×80070035 cannot access and Error NT_STATUS_HOST_UNREACHABLE

While configuring SAMBA / CIFS and file sharing over the network, the following errors popup eventually after the HTPC is restarted.  A bit baffling at first since SSH works just as it did before the restart.  However the problems persist and look like this:

Windows cannot access \\192.168.0.14\HTPCBackupXFS

Check the spelling of the name.  Otherwise, there might be a problem with your network.  To try to identify and resolve network problems, click Diagnose.

Error code: 0×80070035
The network path was not found.

On the Linux side of the world, things looked different but the overall message was the same:

# smbclient -L 192.168.0.14 -U'root%SECRET'
Enter root@SECRET's password:
Connection to 192.168.0.14 failed (Error NT_STATUS_HOST_UNREACHABLE)
#

However, when I test using SSH I can reach 192.168.0.14 from 192.168.0.13.  Both hosts sit on two separate, though connected, routers.  Here's how to resolve this problem:

INVESTIGATION AND SYMPTOMS

Investigating the issue revolves around checking general port connectivity between the various systems.  From 192.168.0.14 things look fine:

# telnet  192.168.0.13 445
Trying 192.168.0.13…
Connected to 192.168.0.13.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
#

From 192.168.0.13 things look different:

# telnet 192.168.0.14 445
Trying 192.168.0.14…
telnet: connect to address 192.168.0.14: No route to host
#

Doing a bit more digging through strace the same message shows up:

# strace smbclient -L 192.168.0.14 -U'root%SECRET' -vvvv 2>&1|more
connect(4, {sa_family=AF_INET, sin_port=htons(445), sin_addr=inet_addr("192.168.0.14")}, 16) = -1 EINPROGRESS (Operation now in progress)
connect(4, {sa_family=AF_INET, sin_port=htons(445), sin_addr=inet_addr("192.168.0.14")}, 16) = -1 EHOSTUNREACH (No route to host)

Doing a little bit more digging still using nmap, we see the following results:

# nmap -sT 192.168.0.14 -PN

Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-29 23:15 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00036s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 5.11 seconds
#

And after disabling iptables (firewall) on the HTPC+B system we've just built, we see the following while running the scan from 192.168.0.13:

# nmap -sT 192.168.0.14 -PN

Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-29 23:20 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00076s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2049/tcp open  nfs

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
#

So now we know.  The firewall configuration on the HTPC+B system is preventing access through anything other then SSH (port 22).  This means then that our firewall is the issue and correct permissions need to be set.  All of this brings us to the iptables post we've done earlier for a quick rule review.  In all firewall configurations, it's good to only add exactly what you need, not more.  In our case, we only need ports 139/tcp and 445/tcp but CIFS / Samba may also need 137/tcp and 138/tcp so we'll customize our rules accordingly:

# SAMBA / SMB / CIFS – WINDOWS SHARES
-A INPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -p tcp -m multiport –sports 137,138,139,445 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -p tcp -m multiport –dports 137,138,139,445 -j ACCEPT
-A INPUT -d 192.168.0.0/16 -s 192.168.0.0/16 -p udp -m multiport –sports 137,138,139,445 -j ACCEPT
-A INPUT -d 192.168.0.0/16 -s 192.168.0.0/16 -p udp -m multiport –dports 137,138,139,445 -j ACCEPT

 

Resulting in the expected output we want:

# smbclient -L 192.168.0.14 -U'root%SECRET' -vvvvv
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.10-116.el6_2]

        Sharename       Type      Comment
        ———       —-      ——-
        HTPCBackupXFS   Disk      HTPC Linux XFS RAID6 Backup 3TB (Expendable to 4TB)
        HTPCFileStorage Disk      HTPC 1TB Network File Storage
        HTPCFirstEntertainment Disk      HTPC 200GB (Storage from First Entertainment HTPC)
        HDR-SR7         Disk      HDR-SR7 Sony Camcorder (60GB)
        IPC$            IPC       IPC Service (Samba Server Version 3.5.10-116.el6_2)
        root            Disk      Home Directories
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.10-116.el6_2]

        Server               Comment
        ———            ——-

        Workgroup            Master
        ———            ——-
#

And finally, to check with a quick port scan from 192.168.0.13 to ensure only what we added is seen and everything else is closed:

# nmap -sT 192.168.0.14 -PN

Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-30 10:21 EDT
Nmap scan report for htpc (192.168.0.14)
Host is up (0.00032s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds

2049/tcp open  nfs

Nmap done: 1 IP address (1 host up) scanned in 989.00 seconds
#

 

Cheers,
Tom

Leave a Reply

 


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License