How can I access a On-Premise network file share drive from Azure App service to upload a file using standard smb ports?

Question

We have ASP.NET core web app hosted on Azure as App service. There is a file upload screen in this web application. On click of upload button, application tries to connect to a on-premise network file share drive and copies the uploaded file there. But after reading through few articles it seems that standard smb ports like 139, 445 are blocked to access from App service. I guess which is why we are receiving access denied while doing file upload.

Any suggestions on how can I access the on-premise network drive for above requirement?

Answer 1

Thanks for asking question! Yes, The following protocols and ports are required to access the files: Microsoft file sharing SMB: UDP ports from 135 through 139 and TCP ports from 135 through 139. Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UPD).

Check: https://learn.microsoft.com/en-us/troubleshoot/windows-client/networking/internet-firewalls-prevent-browsing-file-sharing

And the App Service sandbox explicitly does not allow access to the ports necessary for SMB protocol (137/138/139/445).
There are restrictions in terms of network access from an Azure Web App. This section outlines limitations specific to Azure App Service; apps are, in addition, still subject to Azure's own networking restrictions.

Check this article link mentions it under Restricted Outgoing Ports: https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox.

Alternatively, you can use Azure File Share and access using REST.

Also, the best way to share your feedback would be to create a User Voice feedback item and upvote it. The product group monitors this site for feedback. This is the best way to ensure you are heard and you may receive a response depending on how much they information they can currently share.