After 24H2 update, the host's SMB shares stopped being reachable through the Default Switch network


D

dsent

Member
Local time
11:59 PM
Posts
4
OS
Windows 11
Hi all, first time posting.

After updating to 24H2, my VMs lost access to the host's network shares.

Please note: this is different from other problems I found discussed in other places. This is not related to the problem with authentication and general network problems (169.x.x.x addresses and such).

Hours of painful troubleshooting and monitoring revealed that the host doesn't even seem to listen to SMB ports on the vEthernet (Default Switch). These ports look closed from the VMs. It's either that the server doesn't even bind to these virtual adapters, or (doubtfully) there's some extra firewall, that is not Windows Firewall, blocking access.

I can (1) reach the Internet from VMs, and (2) my shares on the host are still available to other hosts in the local network, and (3) the shares of the other hosts on the local network are still available to my VMs. The problem is specifically with the VMs connected to the Default Switch vEthernet unable to access the host's shares. Everything else works as it worked before. The Windows Firewall doesn't have to do anything with this, too (disabling it on both the host and the guest doesn't help).

For now, my workaround is connecting all my VMs to a custom External virtual switch (connected to one of my host PC's NICs). This is cumbersome, as I have to change the network every time I switch from Ethernet to Wi-Fi and back, and I'm not comfortable exposing everything to the VMs, and exposing my VMs like that. I'd much prefer NATting everything through the Default Switch as before.
WSL and Docker VMs that connect through their own Internal network vswitch, can't access host SMB shares as well.

Has anyone else encountered this? Is there a solution to make the host expose SMB through the default vEthernet again?
 
Windows Build/Version
Windows 11 Pro 24H2 / 26100.2314 / Windows Feature Experience Pack 1000.26100.32.0

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo X1 Carbon 9th Gen
    CPU
    i7-1165G7
    Memory
    32GB
    Graphics Card(s)
    Iris XE + 4090 EGPU
dsent said:
The problem is specifically with the VMs connected to the Default Switch vEthernet unable to access the host's shares.
Click to expand...
Welcome to Eleven Forum.

Is the guest VM running 24H2? Do you use a blank password for your accounts on the VM and/or the host machine? If so that would explain it. 24H2 has tighter security by default and won't let you connect without a password. I use accounts without passwords for my host and my Hyper-V VMs. When I got my first 24H2 VM I had to create a local account on the host and give it a password, then set up credentials in the 24H2 VM so that it would connect using that account name and password.

Bree said:
There are two ways to connect. The first is to create a Windows Credential for an account with a password on that other PC.

The second is to turn off the restriction on insecure logins.
Click to expand...

Win11 24H2 Installed, now no network sharing

Hi Guys, I upgraded to 24H2 Pro on my desktop and one laptop. Two laptops still on 23H2 Pro. The laptops on 23H2 still have network sharing seeing all PCs and able to access the shared folders. The 24H2 PCs see the other PCs, but have no access to sharing, with error message 'Network Path Not...
www.elevenforum.com www.elevenforum.com
 
Last edited:

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Acer Aspire 3 A315-23
    CPU
    AMD Athlon Silver 3050U
    Memory
    8GB
    Graphics Card(s)
    Radeon Graphics
    Monitor(s) Displays
    laptop screen
    Screen Resolution
    1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
    Hard Drives
    1TB Samsung EVO 870 SSD
    Internet Speed
    50 Mbps
    Browser
    Edge, Firefox
    Antivirus
    Defender
    Other Info
    fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October 2021 it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update, and 24H2 on 3rd October 2024 through Windows Update by setting the Target Release Version for 24H2.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E4310
    CPU
    Intel® Core™ i5-520M
    Motherboard
    0T6M8G
    Memory
    8GB
    Graphics card(s)
    (integrated graphics) Intel HD Graphics
    Screen Resolution
    1366x768
    Hard Drives
    500GB Crucial MX500 SSD
    Browser
    Firefox, Edge
    Antivirus
    Defender
    Other Info
    unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround. In-place upgrade to 22H2 using ISO and a workaround. Feature Update to 23H2 by manually installing the Enablement Package. In-place upgrade to 24H2 using hybrid 23H2/24H2 install media. Also running Insider Beta, Dev, and Canary builds as a native boot .vhdx.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
Thanks for the welcome!

The guest runs 23H2. The security is not the problem. I can connect to the host just fine using a custom virtual switch bound to the host's Ethernet. Actually, I've succeeded in connecting to the host's shares through the default switch. I can connect if I add a line to my hosts file, like this:
Code: 
192.168.1.20 hyper-v.host
where 192.168.1.20 is my host's external Ethernet address.

Previously (before 24H2), I was able to connect to the host through its internal address, e.g. 172.23.96.1. I see this address as the default gateway if I run ipconfig /all on the guest. Now it seems that something has changed, almost like this address doesn't belong to the host anymore, but to some actual router that routes packages from the guest to the host and beyond.

It'd be okay, but the annoying consequence is that local network discovery doesn't work. I can connect to the hosts I know addresses in advance, but the DHCP server inside the Default Switch/NAT won't resolve these names. It kinda makes sense, but why it resolves the outside Internet addresses then?

I'm trying to figure out the details of this default DHCP/DNS/NAT thingy that runs automatically when I connect VMs to the default switch, but it's not very straightforward.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo X1 Carbon 9th Gen
    CPU
    i7-1165G7
    Memory
    32GB
    Graphics Card(s)
    Iris XE + 4090 EGPU
Are you using accounts with no password? If so the host will by default refuse to accept an incoming insecure connection after the host has been upgraded to 24H2. You could enable insecure guest logons for the host's 24H2.

Microsoft said:
  1. Select Start, type gpedit.msc, and select Edit group policy.
  2. In the left pane under Local Computer Policy, navigate to Computer Configuration\Administrative Templates\Network\Lanman Workstation.
  3. Open Enable insecure guest logons, select Enabled, then select OK.
Click to expand...
learn.microsoft.com

Enable insecure guest logons in SMB2 and SMB3 for Windows client and Windows Server

This article describes how to enable guest logons policy in SMB2 and SMB3 for Windows client and Windows Server devices using Group Policy and PowerShell.
learn.microsoft.com

1727812742812-png.110750
 

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Acer Aspire 3 A315-23
    CPU
    AMD Athlon Silver 3050U
    Memory
    8GB
    Graphics Card(s)
    Radeon Graphics
    Monitor(s) Displays
    laptop screen
    Screen Resolution
    1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
    Hard Drives
    1TB Samsung EVO 870 SSD
    Internet Speed
    50 Mbps
    Browser
    Edge, Firefox
    Antivirus
    Defender
    Other Info
    fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October 2021 it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update, and 24H2 on 3rd October 2024 through Windows Update by setting the Target Release Version for 24H2.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E4310
    CPU
    Intel® Core™ i5-520M
    Motherboard
    0T6M8G
    Memory
    8GB
    Graphics card(s)
    (integrated graphics) Intel HD Graphics
    Screen Resolution
    1366x768
    Hard Drives
    500GB Crucial MX500 SSD
    Browser
    Firefox, Edge
    Antivirus
    Defender
    Other Info
    unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround. In-place upgrade to 22H2 using ISO and a workaround. Feature Update to 23H2 by manually installing the Enablement Package. In-place upgrade to 24H2 using hybrid 23H2/24H2 install media. Also running Insider Beta, Dev, and Canary builds as a native boot .vhdx.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
With all due respect, this has NOTHING to do with security. I don't use accounts with no passwords, and I can connect to the server using the host's external address. The problem is completely different and has no connection whatsoever with the changes in security (I haven't used SMB1 or accounts with no passwords in years, so the changes didn't affect me at all).

The changes I'm trying to figure out are the changes to how virtual switches work in Hyper-V, especially NAT, DHCP and DNS in the Default Switch. Something has changed in these after the update, but I'm not sure yet, what exactly.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo X1 Carbon 9th Gen
    CPU
    i7-1165G7
    Memory
    32GB
    Graphics Card(s)
    Iris XE + 4090 EGPU
dsent said:
The changes I'm trying to figure out are the changes to how virtual switches work in Hyper-V, especially NAT, DHCP and DNS in the Default Switch. Something has changed in these after the update, but I'm not sure yet, what exactly.
Click to expand...
My host machine is still on 23H2. It hasn't been offered 24H2 yet. Only its guests are on 24H2. I'm in no hurry to force the 24H2 update onto it, others who have a 24H2 host may be able to help.

The changes to security in 24H2 are very real. I've had to cope with them on all my other machines, both physical and VM, that now have 24H2.
 

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Acer Aspire 3 A315-23
    CPU
    AMD Athlon Silver 3050U
    Memory
    8GB
    Graphics Card(s)
    Radeon Graphics
    Monitor(s) Displays
    laptop screen
    Screen Resolution
    1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
    Hard Drives
    1TB Samsung EVO 870 SSD
    Internet Speed
    50 Mbps
    Browser
    Edge, Firefox
    Antivirus
    Defender
    Other Info
    fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October 2021 it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update, and 24H2 on 3rd October 2024 through Windows Update by setting the Target Release Version for 24H2.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E4310
    CPU
    Intel® Core™ i5-520M
    Motherboard
    0T6M8G
    Memory
    8GB
    Graphics card(s)
    (integrated graphics) Intel HD Graphics
    Screen Resolution
    1366x768
    Hard Drives
    500GB Crucial MX500 SSD
    Browser
    Firefox, Edge
    Antivirus
    Defender
    Other Info
    unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround. In-place upgrade to 22H2 using ISO and a workaround. Feature Update to 23H2 by manually installing the Enablement Package. In-place upgrade to 24H2 using hybrid 23H2/24H2 install media. Also running Insider Beta, Dev, and Canary builds as a native boot .vhdx.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, Canary, and Release Preview builds as a native boot .vhdx.
Bree said:
The changes to security in 24H2 are very real. I've had to cope with them on all my other machines, both physical and VM, that now have 24H2.
Click to expand...
I know the changes are real, it's just that they are not relevant to me specifically. I'm trying to stay up-to-date with the security stuff, and it's been about at least 15 years since I used passwordless accounts for anything.

I've pinpointed the problem to the implementation of DHCP and DNS in the default vEthernet switch, but still can't fully figure out if it's even possible to revert to the old behavior.

Anyway, thanks for trying to help! I guess it will be helpful to other people who can't connect to the shares because of the security changes.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo X1 Carbon 9th Gen
    CPU
    i7-1165G7
    Memory
    32GB
    Graphics Card(s)
    Iris XE + 4090 EGPU
You must log in or register to reply here.

Latest Support Threads

Latest Tutorials

Back
Top Bottom