Files sharing problem between MS Vista Basic and XP Pro.

[lmworld]

Hi all,

I got a desktop machine which is running Windows XP Pro and a Dell laptop that running Microsoft Vista Home Basic. I want to do the files sharing between both machine using my Linksys wireless router (Desktop is using wireless adaptor). My Dell laptop can ping the desktop IP but the desktop cannot ping the Dell laptop IP, and also i have share out the folder at the XP machine, however in the Dell laptop I still cannot view the shared folder.
Did anything I need to do like join Domain/Workgroup or I need to join both machine into a network? BTW, I have set DHCP at my router.

Thanks.

LM

 

[DelJo63]

yes, both systems need the same workgroup name.

PING is not the same as F/P sharing; it just ensures the network connectivity.

Vista firewall needs to enable F/P sharing AND ping.

The first signs of progress will be when both system names can be seen via
cp->network connections->network places->view workgroup computers.

This shows that the firewall (on both sides) is at least allowing port 135 traffic
(ports 139+445) are the actual F/P sharing ports.)

 

[trinamick]

If you find the solution, I'd love to hear it as well. We run XP Pro on our office computers, and have been unable to connect to a laptop running Vista Home also, even with all workgroup and domain names the same. I have been told that the problem lies in the Vista Home. Supposedly, Vista Business takes care of that. However, if there is another suggestion, I'd like to find out.

 

[DelJo63]

MS KB article Vista differences in File Sharing

there's a nice article on Vista Home file sharing setup here

edit:
a major new feature is the Location type as {Public, Private, Domain}

anyone WITH A ROUTER/Firewall can use Private, but if you do not have a firewall, use PUBLIC!

 

[lmworld]

Hi all, I managed to make both XP Pro and Vista machine for the files sharing by turned OFF the firewall function within the Norton Antivirus. But by turned OFF the firewall, will this bring other issue in future, any comment on this?

Thanks.

LM

 

[DelJo63]

Oh My Yes!

find your LAN address for any system using run->cmd /k ipconfig
note the first three numbers (eg 192.168.0)
your lan subnet will then be the range 1-255 and you use that info to add
a rule to Norton:

allow tcp/udp in/out src=192.168.0.1-192.168.0.255 dst 192.168.0.1-192.168.0.255 port 135-139,445​

move the new rule near the top of the list

Now you can share safely and not allow the public internet access to your
shares, as those addresses will NOT be withing the range defined

If you're on a laptop and you visit a hotspot, BE SURE TO change the ALLOW to DENY!

 

[roseypeach]

Hi all,

I got a desktop machine which is running Windows XP Pro and a Dell laptop that running Microsoft Vista Home Basic. I want to do the files sharing between both machine using my Linksys wireless router (Desktop is using wireless adaptor). My Dell laptop can ping the desktop IP but the desktop cannot ping the Dell laptop IP, and also i have share out the folder at the XP machine, however in the Dell laptop I still cannot view the shared folder.
Did anything I need to do like join Domain/Workgroup or I need to join both machine into a network? BTW, I have set DHCP at my router.

Thanks.

LM

Imworld, THANKS A MILLION FOR ASKING THIS QUESTION!!!
I have been banging my head against the wall for three days trying to solve the exact same problem! The Norton firewall was the culprit the entire time. I feel so silly!

 

[Mictlantecuhtli]

find your LAN address for any system using run->cmd /k ipconfig
note the first three numbers (eg 192.168.0)
your lan subnet will then be the range 1-255 and you use that info to add
a rule to Norton:

allow tcp/udp in/out src=192.168.0.1-192.168.0.255 dst 192.168.0.1-192.168.0.255 port 135-139,445​

move the new rule near the top of the list

Now you can share safely and not allow the public internet access to your
shares, as those addresses will NOT be withing the range defined

If you're on a laptop and you visit a hotspot, BE SURE TO change the ALLOW to DENY!

Vista needs only TCP 445 for "System" process for SMB file sharing.

 

[DelJo63]

actually you can use 139 OR 445 as the protocol for SMB sends messages on both
and keeps the connection that first responds

 

[LookinAround]

a major new feature is the Location type as {Public, Private, Domain}
anyone WITH A ROUTER/Firewall can use Private, but if you do not have a firewall, use PUBLIC!

Have not looked closely into location type yet (still only explore Vista on friend's machines and reading online). Question is: does location type make any difference when using 3rd party firewalls? (so Vista Firewall is turned OFF). I wouldn;t guess so yet haven't seen that distinction written anywhere (or tried testing it out myself it)

I read some MS Vista Firewall docs and it uses firewall profiles names which match location type names (which makes sense, of course) but e.g. am not aware of any such names or use of such profiles in AVG 8

 

[DelJo63]

I believe you are correct (although I cant get access to Vista to prove so).

In the Public configuration (eg a wireless at a hotspot), the user does not want
to have the MS ports 135-139,445 to be inbound accessible!

The point of being behind a router is the natural NAT and the defacto blocking of
inbound access.

Having a laptop (xp/pro), I'm still paranoid re this issue and even at home I only allow
access from ip addresses on my subnet (which is restricted to x.2->x.9). At a hotspot,
I change the rule from Allow to deny and the laptop is locked down

 

[trinamick]

We don't use Norton in our office, but we do have a third party firewall. Could this prevent two Vista machines (both running Ultimate) from allowing access to each other? Also, we can access the XP machines from the Vista computers, but not the other way around. All the permissions seem to be set to allow access, and all are on the same workgroup.

 

[LookinAround]

A few special issues need be addressed when it's XP/Vista.

An issue often overlooked is that Vista changes how default permissions are set for shared resources from earlier Windows. Off hand, I forget if the change affects all user access or just Guest access, but Guest no longer has access by default. So if you turn Password Protected File Sharing off, that means everything is authenticated as Guest, means the share permissions must be changed to allow Guest or access denied.

Am in process of drafting a guide/checklist tho you might try some of the XP/Vista links that already exist (think there's on towards top of this thread)

 

[LookinAround]

Oh, yes, and there is a very good chance that a 3rd party firewall needs some "adjusting" for Vista. First and importantly is double checking firewall traffic rules

For network discovery of Vista Computers: Windows Vista, these Protocols/Port numbers ,must be allowed
UDP/3702, TCP/5357 TCP/5358

For network discovery of computers running Windows XP and for other cases of sharing, must allow input traffic on:
UDP/137, UDP/138, TCP/139, TCP 445

For network discovery of net devices, allow the following incoming traffic:
UDP/1900, TCP/2869

 

[trinamick]

How do I go about changing that?

 

[LookinAround]

Well.. as far as reviewing/making needed changes for firewall:
- would need know exact firewall you're using to try and tell you
- would be best if you a tech person implement the changes if not sure how to do them
- AND/OR the perhaps best approach is trying to see if things work without
1) Without any firewalll
2) Using Vista Firewall until the tweaks in 3rd party worked out
NOTE: if you want to try test w/o firewall you a) disconnect from ISP (NO INTERNECT CONNECTION) then turn off firewalls both machines and reboot


Permissions
Firewalls won't fix guest permission problems but should be easy to change even if only to test...
This link Guide: Troubleshoot XP File/Printer Sharing Part 3 - Network Access Errors

is to a guide specific to XP. However, much is very similiar. Look towards maybe 1/2 way in it tells how to change permissions. You can add either a userid (e.g. Guest) or group. And it talks of Effective Permissions where u enter a userid and it tells you the permissions someone will get (so u know)(

NOW ONLY ADDED DETAIL: Those are all permissions on the Security Tab. There are also a (simple) set of permissions on the Share tab. The "effective permission to the share is whichever of the two permissions is most restrictive.

Easies (and recommened approach) is give liberal permissions for share access and assign any restrictive controls on the Secuirty tab

 

[LookinAround]

You should look at this thread. I think you'll find some additional relevant and useful informatiobn

 

[trinamick]

We have a Linksys router. The permissions are set up correctly on each machine, but I'll try adding the guest account and see how that works. Thanks.

 

[LookinAround]

But also note (as you'll find if you go through the other thread) it's also dependant on whether you have
- Vista Password Protected Sharing OFF (which will use Guest) or
- Vista Password Protected Sharing ON (which will use the logon userid/password of the user. This requires the two machines define and identical user account on both machine)

Go ahead and try and report back. There are still a couple more variables that can be in play. BUT DO report back each setting you are using on the Sharing center (or whatever they call it)

 

[DelJo63]

"adjusting" for Vista. First and importantly is double checking firewall traffic rules

For network discovery of Vista Computers: Windows Vista, these Protocols/Port numbers ,must be allowed
UDP/3702, TCP/5357 TCP/5358

For network discovery of net devices, allow the following incoming traffic:
UDP/1900, TCP/2869

None of the above are necessary! (never were)

For network discovery of computers running Windows XP and for other cases of sharing, must allow input traffic on:
UDP/137, UDP/138, TCP/139, TCP 445

Not discovery, but for print/file sharing; these are the standard ports
for Win/* and Samba access to Linux + Mac OSx

 

[LookinAround]

Originally Posted by LookinAround View Post
"adjusting" for Vista. First and importantly is double checking firewall traffic rules

For network discovery of Vista Computers: Windows Vista, these Protocols/Port numbers ,must be allowed
UDP/3702, TCP/5357 TCP/5358

For network discovery of net devices, allow the following incoming traffic:
UDP/1900, TCP/2869

None of the above are necessary! (never were)

Not discovery, but for print/file sharing; these are the standard ports
for Win/* and Samba access to Linux + Mac OSx

Uhhh... joebeard:

Now i'm confused as to what you say as that port data was copy/pasted from Microsoft

1) If what you say is true (and what i posted is untrue) you best take it up with Microsoft first (but please explain to me also). I copy/pasted Vista firewall port data from an article published Nov 2006 and just updated May 14, 2007. (i found it when looking to find the firewall port deltas needed for Vista) File and Printer Sharing in Windows Vista

2) And also confused cause if none was ever true.. when i put a sniffer on my (or other) LANs i'm always finding SSDP broadcasts using port1900. And other port consistent usage too

 

[DelJo63]

Uhhh... joebeard:

Now i'm confused as to what you say as that port data was copy/pasted from Microsoft

1) If what you say is true (and what i posted is untrue) you best take it up with Microsoft first (but please explain to me also). I copy/pasted Vista firewall port data from an article published Nov 2006 and just updated May 14, 2007. (i found it when looking to find the firewall port deltas needed for Vista) File and Printer Sharing in Windows Vista

use that link, scroll to Figure 11; Notice that several items have enable/disable radio buttons:

Network discovery
File Sharing
Public folder sharing
Printer sharing
​

You can have Print/File Sharing w/o Discovery
The Sharing and Discovery section of the Network and Sharing Center window are still used,
but disabling SSDP and the LLTP services will reduce complexity and tcp traffic w/o inhibiting print/file sharing.

2) And also confused cause if none was ever true.. when i put a sniffer on my (or other) LANs i'm always finding SSDP broadcasts using port1900. And other port consistent usage too

Of course, you have the SSDP service running, which is not necessary an neither is UPnP.
UPnP & SSDP have be security issues for a LONG Time, so these ports frequently
get DENIED
http://www.grc.com/port_1900.htm
http://www.grc.com/port_5000.htm

 

[LookinAround]

ahhh...

maybe a misunderstanding then....

my post indicated the firewalls ports used by Vista (and just as described by MS Vista in the article published describes Vista's ports and their usage)

Now whether or not someone WANTS to use all those services that actually USE all those OPEN ports is another issue (and not what i was trying to convey).

I think that's where our ports (you <---> me ) got crossed. As, was just trying to conevey the ports and usage of the Vista ports. (so readers wouldn't have to go hunting for the full list like i did)

 

[DelJo63]

If one wants 'everything microsoft places on your system', then I guess you're correct
and someone will find that useful.

I've always been a minimalist; run as little as possible.

The SSDP and UPnP were not necessary in XP and are not necessary in Vista either.
The Vista LLTP is bloatware (imo) and only adds a pretty picture of your Lan systems,
but also requires LLTP to be installed on all the XP systems -- intrusive in my book

Like SOOOOO much with PCs, caveat emptor.

 

[LookinAround]

oh. i agree. but my point was to clarify i wasn;t sugestting they use any one or all services/ports vs. supplying data on Vista port usage and services to the reader.

Anyway, glad to know we're in violent agreement! :wave: