SMB on non-standard port

smb_on_non_standard_port.txt

In Windows, there are two issues at play.

    The Windows SMB Client only connects on port 445.
    The Windows SMB Server reserves port 445 on all interfaces at startup, preventing other applications from binding to it (for the purposes of port forwarding).

The following steps overcome the second issue, ultimately allowing you to access your SAMBA share from a Windows PC via the SSH tunnel.

Admin rights are required for the initial setup.

Allow binding to 127.0.0.2
    netsh interface ipv4 add address "Loopback Pseudo-Interface 1" 127.0.0.2

The following steps configure Port Forwarding to run before LAN Man Service, which will let us reserve 127.0.0.2:445 for our own use.
    Inspect the current dependencies for 'Server' service
        sc qc lanmanserver

    Add 'iphlpsvc' as a dependency. Note - the space after 'depend' is important.
        sc config lanmanserver depend= samss/srv2/iphlpsvc

    Create a Port Forward between 127.0.0.2:445 and 127.0.0.1:44500. (Since the Port Forwarding Service now runs first, it means it'll be reserved for our use and not automatically taken by the Windows SMB Component).
        netsh interface portproxy add v4tov4 listenaddress=127.0.0.2 listenport=445 connectaddress=127.0.0.1 connectport=44500

    Reboot, check:
        netstat -an | find ":445"

    Expect:
        TCP    127.0.0.2:445          0.0.0.0:0              LISTENING

You can now create the tunnel:
    ssh user@remotehost -L 127.0.0.1:44500:localhost:445

And in Windows, you can browse:
    \\127.0.0.2