This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 39%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHK%3C/text%3E%3C/svg%3E)
I am so friggin confused. I'm trying to use Azure file storage on a windows server and Test-NetConnection gives both "Status: TimeOut" and "TcpTestSucceeded : True". Can anyone explain what this means?
PS C:\Users\a-khemmerling> Test-NetConnection -ComputerName ([System.Uri]::new($AzStorageAcct.Context.FileEndPoint).Host) -Port 445
WARNING: Ping to o365sqlfsw.file.core.windows.net failed -- Status: TimedOut
ComputerName : o365******.file.core.windows.net
RemoteAddress : 52.239.190.8
RemotePort : 445
InterfaceAlias : Ethernet0
SourceAddress : 192.168.84.94
PingSucceeded : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : True
Test-NetConnection isn't specific to Azure, it can be used between any two members.
https://learn.microsoft.com/en-us/powershell/module/nettcpip/test-netconnection?view=win10-ps
I don't mean to be rude or ungrateful for the help but a quick Google search shows that Azure File Storage doesn't respond to ICMP pings so... why would Microsoft include a test that is known to not work?
@HemmerlingKen-3861 Firstly apologies for delay in responding here! Port 445 is open: The SMB protocol requires TCP port 445 to be open; connections will fail if port 445 is blocked. You can check if your firewall is blocking port 445 with the Test-NetConnection cmdlet. To learn about ways to work around a blocked 445 port, see the Cause 1: Port 445 is blocked section of our Windows troubleshooting guide.
To check if your firewall or ISP is blocking port 445, use the AzFileDiagnostics tool or Test-NetConnection cmdlet.
Azure Files only allows connections using SMB 3.0 (with encryption support) from outside the region or datacenter. SMB 3.0 protocol has introduced many security features including channel encryption which is very secure to use over internet. However its possible that port 445 has been blocked due to historical reasons of vulnerabilities found in lower SMB versions. In ideal case, the port should be blocked for only for SMB 1.0 traffic and SMB 1.0 should be turned off on all clients.
If you have ever been blocked using Azure Files due to your ISP's port 445, you can setup a Point to Site VPN to your Azure Files. Refer to the suggestions mentioned in the GitHub article
You can mount the file share on your local machine by using the SMB 3.0 protocol, or you can use tools like Storage Explorer to access files in your file share. From your application, you can use storage client libraries, REST APIs, PowerShell, or Azure CLI to access your files in the Azure file share.
Additional information: ExpressRoute is not required to access an Azure file share. If you are mounting an Azure file share directly on-premises, all that's required is to have port 445 (TCP outbound) open for internet access (this is the port that SMB uses to communicate). If you're using Azure File Sync, all that's required is port 443 (TCP outbound) for HTTPS access (no SMB required). However, you can use ExpressRoute with either of these access options.
Hope this helps!
Kindly let us know if the above helps or you need further assistance on this issue.
Please don’t forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.
Hmmm... that's weird, the site just threw an error when I tried to post a reply. Let me try again.
Thanks everyone for your help. My understanding is that the Test-NetConnection is a generic testing tool that includes a ping and that the warning from the failure of the ping can be ignored when testing connectivity to Azure. In addition, the important information is "TcpTestSucceeded : True" which indicates proper connectivity through port 445.
I wish I could mark multiple replies as the answer but in lieu of that, I'll mark DSPatricks final post where he pointed out the generic nature of Test-NetConnection. Thanks, I was very focused on my Azure connectivity problem and should have realized that.
I appreciate all the help. Thanks.
Ken
Glad to hear, you're welcome.