20

I have two Amazon EC2 Instances running Windows Server 2003 and IIS 6.0. Both the instances are created in the same region and have the same Security Group. I enabled ICMP for all ports and connection methods, and am able to successfully ping between both my instances. However, when I try to access the shared locations of one EC2 instance from another, using:

\\<elastic-ip>

or

\\<internal-private-ip>

I am unable to see the shared locations, and get an error saying:

No Network Provider accepted the given network path

I am able to trace from both EC2 instances using the tracert command.

Please let me know of a way to access shared locations between two EC2 instances.

Thanks

P.S.: I know that this can alternatively be achieved using S3, but do not wish to use it for different reasons.

Prashant

4 Answers

23

I found the answer to my own query, and here it is:

Theory:

This can be found at this Microsoft knowledgebase article which deals with the ways to enable Microsoft file sharing SMB. The below matter is of relevance:

The following ports are associated with file sharing and server message block (SMB) communications:

  • Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139.
  • Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UDP).

How to do it:

  1. Enable the above ports in the security group associated with your EC2 Instance. Once you have done this, your Security Group Permissions should look something like the image below: [Image: EC2 Security Group Permissions]

  2. Enable the ports in the Windows firewalls of both the instances. A detailed method to do so can be found here. Skip step 7 for Windows Server.

This solves the issue; however, a restart of the instances might be needed.

Prashant
1

If you are using a Sonicwall, just make sure NetBIOS is enabled on your VPN interfaces. Otherwise, you will see the share but you won't be able to access it, etc.

Jeff Wads
1

Here's the order in which I would check things:

  1. File and printer sharing is enabled on the network adapter
  2. All crucial services are running
  3. All necessary ports are open on both firewalls
  4. Check the application and system event logs for other clues
  5. Make sure there is no TCP filtering set on the network adapter.
JakeRobinson
  • Thanks Jake, but those steps are ambiguous and do not answer my question. As may be apparent from my question, I am already aware of the general direction to take. Thanks anyways. – Prashant Feb 04 '11 at 18:42
0

I just enabled ports 135-139 for both TCP and UDP, and port 445 again for both TCP and UDP, in the Security Group to all users like 0.0.0.0/0 or to my CIDR block, and this worked. I could then access the shared drive through IP but not through instance-id or Windows machine name. Enabling or disabling the above ports in Windows Firewall had no effect.
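
An added example, not part of any of the posts above: a Python check of security-group ingress rules against the SMB ports listed in the accepted answer. It reports which port/protocol pairs a peer instance still cannot reach and which are open to every address (the 0.0.0.0/0 source mentioned in the last answer). The input follows the `IpPermissions` structure that `aws ec2 describe-security-groups` returns; the function names, the sample rules and the `sg-EXAMPLE` group id are constructed for illustration.

```python
import ipaddress

# Ports from the accepted answer: 135-139 and 445, each over TCP and UDP.
REQUIRED = [(proto, port) for proto in ("tcp", "udp")
            for port in list(range(135, 140)) + [445]]

def rule_covers(rule, proto, port):
    """True if one IpPermissions entry allows the given protocol and port."""
    if rule["IpProtocol"] == "-1":      # "-1" means all protocols, all ports
        return True
    return (rule["IpProtocol"] == proto
            and rule["FromPort"] <= port <= rule["ToPort"])

def audit(permissions, peer_ip, peer_group):
    """Return (missing, world_open) for SMB traffic from the peer instance."""
    peer = ipaddress.ip_address(peer_ip)
    missing, world_open = [], set()
    for proto, port in REQUIRED:
        reachable = False
        for rule in permissions:
            if not rule_covers(rule, proto, port):
                continue
            for r in rule.get("IpRanges", []):
                net = ipaddress.ip_network(r["CidrIp"], strict=False)
                if net.prefixlen == 0:          # source is every address
                    world_open.add((proto, port))
                if peer in net:
                    reachable = True
            if any(g["GroupId"] == peer_group
                   for g in rule.get("UserIdGroupPairs", [])):
                reachable = True
        if not reachable:
            missing.append((proto, port))
    return missing, sorted(world_open)

# Constructed sample rules (not taken from the page).
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 135, "ToPort": 139,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "udp", "FromPort": 135, "ToPort": 139,
     "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]},
    {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
```

Calling `audit(SAMPLE, "10.0.1.5", "sg-EXAMPLE")` shows that UDP 445 is still closed to the peer and that TCP 445 is open to any source.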