NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

matthew1471's avatar
May 13, 2018
Solved

ReadyNAS 312/314 : SMB3 Transport Encryption options

Hi,

 

On the global SMB settings is the ability to Disable SMB3 encryption.

On the Network Access SMB settings for the share is "Enabled", "Desired", "Required".

 

I cannot find "Disable" on a per-share basis, only on the global settings, is this a bug?

Also, I cannot find documentation on the difference between "Enabled", "Desired" and "Required"..

 

Also, where is the documentation for "Strict sync" and could the info on "Auto-Defrag" (https://kb.netgear.com/000055129/ReadyNAS-OS-6-9-3-Auto-Defrag) be included in the help. This is on Version 6.9.3.

 

Thanks,

Matthew

  • Hi matthew1471

     

    On Global you can disable or enable SMB3 Encryption then "Disable" is not included on the per-sahre option and is not a bug. Choosing "Enabled" option does authenticate SMB3 if you require it but does allow connection without any Authentication/Encryption. Choosing "Desired" is when you ask/requet for it to be authenticated and "Required" means always use Authentication/Encryption.

     

    We can request/update the Autodefrag info and be included.

     

    Hope this helps!

     

     

    Regards

     

     

2 Replies

Replies have been turned off for this discussion
  • Marc_V's avatar
    Marc_V
    NETGEAR Employee Retired

    Hi matthew1471

     

    On Global you can disable or enable SMB3 Encryption then "Disable" is not included on the per-sahre option and is not a bug. Choosing "Enabled" option does authenticate SMB3 if you require it but does allow connection without any Authentication/Encryption. Choosing "Desired" is when you ask/requet for it to be authenticated and "Required" means always use Authentication/Encryption.

     

    We can request/update the Autodefrag info and be included.

     

    Hope this helps!

     

     

    Regards

     

     

    • Thank you, so to paraphrase (let me know if I haven't got this right):

       

      On Global you can fully disable or enable SMB3 Encryption support entirely so "Disable" is not included on the per-share option when the feature is entirely disabled and therefore this is not a bug.

       

      • Choosing "Enabled" option allows clients to authenticate as SMB3 if they want to but still allows connection with clients with no Authentication/Encryption and doesn't suggest they encrypt/authenticate.
      • Choosing "Desired" is when you ask clients to ideally be authenticated, unencrypted/unauthenticated clients are still allowed.
      • "Required" means always use Authentication/Encryption and reject clients with no Authentication/Encryption.

      Thanks again for your help :)

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More