Skip to main content
NetApp Knowledge Base

CIFS disconnect while copying data when encryption is enabled and NULL sessions are created

Views:
871
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
NAS
Last Updated:

Applies to

  • ONTAP 9
  • Microsoft Defender
  • SMB Encryption

Issue

  • Network Error: There is a problem accessing <path>. Make sure that you're connected to the network and try again

CIFS disconnect while copying data when encryption is enabled and NULL sessions are created.png

  • Every time a Windows client, with Microsoft Defender enabled, sends an encrypted packet, ONTAP resets the TCP stream
  • No. Time Source Destination Protocol Length tcp.srcport tcp.dstport tcp.stream smb2.acct smb2.domain smb2.host ntlmssp.auth.domain ntlmssp.auth.username Info
    575 ...  <ip-1> <ip-2>      SMB2     186    57663         445       0          -         -           -         -                   -                     Session Setup Request, NTLMSSP_NEGOTIATE
    588 ...  <ip-1> <ip-2>      SMB2     281    57663         445       0          -         -           <domain>  NULL                NULL                  Session Setup Request, NTLMSSP_AUTH, User: \
    589 ...  <ip-2> <ip-1>      SMB2     130      445       57663       0          -         -           <domain>  -                   -                     Session Setup Response
    593 ...  <ip-2> <ip-1>      TCP       54      445       57663       0          -         -           -         -                   -                     445 → 57663 [RST, ACK] Seq=1198768 Ack=55095 Win=259 Len=0
    595 ...  <ip-2> <ip-1>      TCP       54      445       57663       0          -         -           -         -                   -                     445 → 57663 [RST] Seq=1198768 Win=0 Len=0
    597 ...  <ip-2> <ip-1>      TCP       54      445       57663       0          -         -           -         -                   -                     445 → 57663 [RST] Seq=1198768 Win=0 Len=0
    anonymous (null) login, no user (User: \)
    • anonymous (null) login, no user (User: \), so as you can see the CIFS/SMB server sends a TCP [RST] to the CIFS/SMB client, see frames: 593,595,597

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.