SMBv1 not getting disabled

M

m9x3mos

Dabbler
Joined
May 13, 2021
Messages
34
Hello All,
I am currently using TrueNAS-12.0-U3.1 on one of my systems and my main system is still on Freenas 11.3-U5.
I have done a network scan for SMB protocols and found that SMBv1 is still enabled for both systems even though it is disabled in the GUI.
No matter what changes I have tried or Aux Parameters, I can't seem to get it to go away. How can I fully disable SMBv1?

Here is the settings I have on the truenas machine
1620923605489.png


the entire aux params list is:
min protocol = smb3
max protocol = smb3
client min protocol = smb3
client max protocol = smb3
server min protocol = smb3
server max protocol = smb3

And when I scan the two systems, this is what is coming up
1620923658246.png


Any help would be greatly appreciated.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,553
Sounds like a broken tool. Can you do a real-life SMB1 connection to the server? (i.e. not through the tool) You can set "client min protocol=NT1" as an auxiliary parameter under Services->SMB, then try "smbclient //127.0.0.1/<share-name> -m NT1 -U <your username>".
 
M

m9x3mos

Dabbler
Joined
May 13, 2021
Messages
34
anodos said:
Sounds like a broken tool. Can you do a real-life SMB1 connection to the server? (i.e. not through the tool) You can set "client min protocol=NT1" as an auxiliary parameter under Services->SMB, then try "smbclient //127.0.0.1/<share-name> -m NT1 -U <your username>".
Click to expand...

I was able to test that and am getting different response for nt1 vs smb2
1620934401199.png

On SMB2 it is saying status not supported and kicking it out as expected.

but 1 is saying no compatible protocol selected by server and then invalid response.
Maybe this is something to do with that and why the tool is showing it more as active.
 
M

m9x3mos

Dabbler
Joined
May 13, 2021
Messages
34
anodos said:
Sounds like a broken tool. Can you do a real-life SMB1 connection to the server? (i.e. not through the tool) You can set "client min protocol=NT1" as an auxiliary parameter under Services->SMB, then try "smbclient //127.0.0.1/<share-name> -m NT1 -U <your username>".
Click to expand...
This is the same as the response on the older FreeNAS 11 as well.
1620935069611.png


So with it coming back as invalid response instead of not supported, that is probably why that it is flagging it as available when it might not be.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "SMBv1 not getting disabled"

Similar threads

L
Samba Server in a Jail NT_STATUS_CONNECTION_DISCONNECTED after a while
Replies
2
Views
1K
leonardorame
L
S
Folder Sharing is not working after update
Replies
4
Views
2K
slkamath
S
O
  • Locked
Which SMB min/ max Version?
Replies
3
Views
2K
anodos
anodos
R
Sharing is not wokring (issue in smb4.cnf)
Replies
3
Views
2K
Niel Archer
N
Borja
Set different smb protocol levels for each share?
Replies
2
Views
1K
Borja
Borja
Top