I host an SMB server on a Mikrotik router that runs RouterOS v7.17. In the most recent update they changed something and now Infuse fails to connect to the SMB share. On the other hand native macOS SMB client can still connect without a problem.
I tried to troubleshoot by sniffing network traffic with Wireshark. Below are the Wireshark dissected excerpts.
When I use Infuse:
--Request by Infuse--> SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
SMB Command: Negotiate Protocol (0x72)
NT Status: STATUS_SUCCESS (0x00000000)
Flags: 0x18, Canonicalized Pathnames, Case Sensitivity
0... .... = Request/Response: Message is a request to the server
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...1 .... = Canonicalized Pathnames: Pathnames are canonicalized
.... 1... = Case Sensitivity: Path names are caseless
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0xc843, Unicode Strings, Error Code Type, Extended Security Negotiation, Long Names Used, Extended Attributes, Long Names Allowed
1... .... .... .... = Unicode Strings: Strings are Unicode
.1.. .... .... .... = Error Code Type: Error codes are NT error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported
.... .0.. .... .... = Reparse Path: The request does not use a @GMT reparse path
.... .... .1.. .... = Long Names Used: Path names in request are long file names
.... .... ...0 .... = Security Signatures Required: Security signatures are not required
.... .... .... 0... = Compressed: Compression is not requested
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..1. = Extended Attributes: Extended attributes are supported
.... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response
Process ID High: 0
Signature: 0000000000000000
Reserved: 0000
Tree ID: 0
Process ID: 1344
User ID: 0
Multiplex ID: 0
Negotiate Protocol Request (0x72)
Word Count (WCT): 0
Byte Count (BCC): 34
Requested Dialects
Dialect: NT LM 0.12
Buffer Format: Dialect (2)
Name: NT LM 0.12
Dialect: SMB 2.002
Buffer Format: Dialect (2)
Name: SMB 2.002
Dialect: SMB 2.???
Buffer Format: Dialect (2)
Name: SMB 2.???
<--Reply by RouterOS-- SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
NT Status: STATUS_SUCCESS (0x00000000)
Command: Negotiate Protocol (0)
Credits granted: 1
Flags: 0x00000001, Response
.... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 0
Reserved: 0x00000000
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
Negotiate Protocol Response (0x00)
StructureSize: 0x0041
0000 0000 0100 000. = Fixed Part Length: 32
.... .... .... ...1 = Dynamic Part: True
Security mode: 0x01, Signing enabled
.... ...1 = Signing enabled: True
.... ..0. = Signing required: False
Dialect: SMB2 wildcard (0x02ff)
Reserved: 0
Server Guid: 00000000-0000-0000-0000-000000000000
Capabilities: 0x0000000c, LARGE MTU, MULTI CHANNEL
.... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
.... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
.... .... .... .... .... .... .... .1.. = LARGE MTU: This host supports LARGE_MTU
.... .... .... .... .... .... .... 1... = MULTI CHANNEL: This host supports MULTI CHANNEL
.... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
.... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
.... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
.... .... .... .... .... .... 0... .... = NOTIFICATIONS: This host does NOT support receiving NOTIFICATIONS
Max Transaction Size: 1048576
Max Read Size: 4194304
Max Write Size: 4194304
Current Time: Jan 19, 2025 19:31:13.155350300 PST
Boot Time: No time specified (0)
Blob Offset: 0x00000080
Blob Length: 74
Security Blob: 604806062b0601050502a03e303ca00e300c060a2b06010401823702020aa32a3028a0261b246e6f745f646566696e65645f696e5f5246433431373840706c656173655f69676e6f7265
GSS-API Generic Security Service Application Program Interface
OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
Simple Protected Negotiation
negTokenInit
mechTypes: 1 item
MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)
negHints
hintName: not_defined_in_RFC4178@please_ignore
Reserved2: 0x00000000
--Request by Infuse--> SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
Channel Sequence: 0
Reserved: 0000
Command: Negotiate Protocol (0)
Credits requested: 99
Flags: 0x00000000
.... .... .... .... .... .... .... ...0 = Response: This is a REQUEST
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 1
Reserved: 0x00000000
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
[Response in: 28]
Negotiate Protocol Request (0x00)
[Preauth Hash: d5a10eba0dae463de64e00a9d6f28d86caf27f31cbee57633eee39494cbf27b6c601bf7ee95418c314a20508a331866661c4abd3b99240566b0f96e46bb3f036]
StructureSize: 0x0024
0000 0000 0010 010. = Fixed Part Length: 18
.... .... .... ...0 = Dynamic Part: False
Dialect count: 4
Security mode: 0x01, Signing enabled
.... ...1 = Signing enabled: True
.... ..0. = Signing required: False
Reserved: 0000
Capabilities: 0x00000045, DFS, LARGE MTU, ENCRYPTION
.... .... .... .... .... .... .... ...1 = DFS: This host supports DFS
.... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
.... .... .... .... .... .... .... .1.. = LARGE MTU: This host supports LARGE_MTU
.... .... .... .... .... .... .... 0... = MULTI CHANNEL: This host does NOT support MULTI CHANNEL
.... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
.... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
.... .... .... .... .... .... .1.. .... = ENCRYPTION: This host supports ENCRYPTION
.... .... .... .... .... .... 0... .... = NOTIFICATIONS: This host does NOT support receiving NOTIFICATIONS
Client Guid: 51497ea5-5cef-b244-b964-6e8ce408a16f
NegotiateContextOffset: 0x00000000
NegotiateContextCount: 0
Reserved: 0000
Dialect: SMB 2.0.2 (0x0202)
Dialect: SMB 2.1 (0x0210)
Dialect: SMB 3.0 (0x0300)
Dialect: SMB 3.0.2 (0x0302)
<--Reply by RouterOS-- SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
NT Status: STATUS_INSUFFICIENT_RESOURCES (0xc000009a)
Command: Negotiate Protocol (0)
Credits granted: 1
Flags: 0x00000001, Response
.... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 1
Reserved: 0x00000000
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
[Response to: 24]
[Time from request: 0.000004000 seconds]
Negotiate Protocol Response (0x00)
[Preauth Hash: f4c7dbdcf3ecb837e5cb129c6cc7c78a3a6f3b2b56109787fd24bcdf2ce7ac44650bd5b25beafbb863ca3411f0f53ebfc1a15743abe42cd58eb4777cdc21ddc2]
StructureSize: 0x0009
0000 0000 0000 100. = Fixed Part Length: 4
.... .... .... ...1 = Dynamic Part: True
Error Context Count: 0
Reserved: 0x00
Byte Count: 0
Error Data: 00
When I use macOS’s Finder:
--Request by macOS--> SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
SMB Command: Negotiate Protocol (0x72)
NT Status: STATUS_SUCCESS (0x00000000)
Flags: 0x08, Case Sensitivity
0... .... = Request/Response: Message is a request to the server
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized
.... 1... = Case Sensitivity: Path names are caseless
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0xc801, Unicode Strings, Error Code Type, Extended Security Negotiation, Long Names Allowed
1... .... .... .... = Unicode Strings: Strings are Unicode
.1.. .... .... .... = Error Code Type: Error codes are NT error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported
.... .0.. .... .... = Reparse Path: The request does not use a @GMT reparse path
.... .... .0.. .... = Long Names Used: Path names in request are not long file names
.... .... ...0 .... = Security Signatures Required: Security signatures are not required
.... .... .... 0... = Compressed: Compression is not requested
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..0. = Extended Attributes: Extended attributes are not supported
.... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response
Process ID High: 0
Signature: 0000000000000000
Reserved: 0000
Tree ID: 65535
Process ID: 1
User ID: 65535
Multiplex ID: 0
Negotiate Protocol Request (0x72)
Word Count (WCT): 0
Byte Count (BCC): 34
Requested Dialects
Dialect: NT LM 0.12
Buffer Format: Dialect (2)
Name: NT LM 0.12
Dialect: SMB 2.002
Buffer Format: Dialect (2)
Name: SMB 2.002
Dialect: SMB 2.???
Buffer Format: Dialect (2)
Name: SMB 2.???
<--Reply by RouterOS-- SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
NT Status: STATUS_SUCCESS (0x00000000)
Command: Negotiate Protocol (0)
Credits granted: 1
Flags: 0x00000001, Response
.... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 0
Reserved: 0x00000000
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
Negotiate Protocol Response (0x00)
StructureSize: 0x0041
0000 0000 0100 000. = Fixed Part Length: 32
.... .... .... ...1 = Dynamic Part: True
Security mode: 0x01, Signing enabled
.... ...1 = Signing enabled: True
.... ..0. = Signing required: False
Dialect: SMB2 wildcard (0x02ff)
Reserved: 0
Server Guid: 00000000-0000-0000-0000-000000000000
Capabilities: 0x0000000c, LARGE MTU, MULTI CHANNEL
.... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
.... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
.... .... .... .... .... .... .... .1.. = LARGE MTU: This host supports LARGE_MTU
.... .... .... .... .... .... .... 1... = MULTI CHANNEL: This host supports MULTI CHANNEL
.... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
.... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
.... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
.... .... .... .... .... .... 0... .... = NOTIFICATIONS: This host does NOT support receiving NOTIFICATIONS
Max Transaction Size: 1048576
Max Read Size: 4194304
Max Write Size: 4194304
Current Time: Jan 19, 2025 19:12:36.815501500 PST
Boot Time: No time specified (0)
Blob Offset: 0x00000080
Blob Length: 74
Security Blob: 604806062b0601050502a03e303ca00e300c060a2b06010401823702020aa32a3028a0261b246e6f745f646566696e65645f696e5f5246433431373840706c656173655f69676e6f7265
GSS-API Generic Security Service Application Program Interface
OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
Simple Protected Negotiation
negTokenInit
mechTypes: 1 item
MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)
negHints
hintName: not_defined_in_RFC4178@please_ignore
Reserved2: 0x00000000
--Request by macOS--> SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
Channel Sequence: 0
Reserved: 0000
Command: Negotiate Protocol (0)
Credits requested: 0
Flags: 0x00000000
.... .... .... .... .... .... .... ...0 = Response: This is a REQUEST
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 1
Reserved: 0x0000feff
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
[Response in: 58]
Negotiate Protocol Request (0x00)
[Preauth Hash: d31c2830b42fa5c6603ae5e67d9fbbd519687ecc35f3a604d91d0b2cf677831d9ee858e922cf7f1e2fbd9e18b9c1fef59ddb991a3fe69433da1d3eac9afa60c8]
StructureSize: 0x0024
0000 0000 0010 010. = Fixed Part Length: 18
.... .... .... ...0 = Dynamic Part: False
Dialect count: 5
Security mode: 0x01, Signing enabled
.... ...1 = Signing enabled: True
.... ..0. = Signing required: False
Reserved: 0000
Capabilities: 0x0000007f, DFS, LEASING, LARGE MTU, MULTI CHANNEL, PERSISTENT HANDLES, DIRECTORY LEASING, ENCRYPTION
.... .... .... .... .... .... .... ...1 = DFS: This host supports DFS
.... .... .... .... .... .... .... ..1. = LEASING: This host supports LEASING
.... .... .... .... .... .... .... .1.. = LARGE MTU: This host supports LARGE_MTU
.... .... .... .... .... .... .... 1... = MULTI CHANNEL: This host supports MULTI CHANNEL
.... .... .... .... .... .... ...1 .... = PERSISTENT HANDLES: This host supports PERSISTENT HANDLES
.... .... .... .... .... .... ..1. .... = DIRECTORY LEASING: This host supports DIRECTORY LEASING
.... .... .... .... .... .... .1.. .... = ENCRYPTION: This host supports ENCRYPTION
.... .... .... .... .... .... 0... .... = NOTIFICATIONS: This host does NOT support receiving NOTIFICATIONS
Client Guid: 5918f3a6-8558-bf44-bce9-89cb9c46119a
NegotiateContextOffset: 0x00000070
NegotiateContextCount: 5
Reserved: 0000
Dialect: SMB 2.0.2 (0x0202)
Dialect: SMB 2.1 (0x0210)
Dialect: SMB 3.0 (0x0300)
Dialect: SMB 3.0.2 (0x0302)
Dialect: SMB 3.1.1 (0x0311)
Negotiate Context: SMB2_PREAUTH_INTEGRITY_CAPABILITIES
Type: SMB2_PREAUTH_INTEGRITY_CAPABILITIES (0x0001)
DataLength: 38
Reserved: 00000000
HashAlgorithmCount: 1
SaltLength: 32
HashAlgorithm: SHA-512 (0x0001)
Salt: b2967270afec39d772b756b248b7e7f8c6868f28a5bd3dae84be2c94061cdd38
Negotiate Context: SMB2_ENCRYPTION_CAPABILITIES
Type: SMB2_ENCRYPTION_CAPABILITIES (0x0002)
DataLength: 10
Reserved: 00000000
CipherCount: 4
CipherId: AES-256-GCM (0x0004)
CipherId: AES-256-CCM (0x0003)
CipherId: AES-128-GCM (0x0002)
CipherId: AES-128-CCM (0x0001)
Negotiate Context: SMB2_COMPRESSION_CAPABILITIES
Type: SMB2_COMPRESSION_CAPABILITIES (0x0003)
DataLength: 10
Reserved: 00000000
CompressionAlgorithmCount: 1
Flags: 0x00000000
.... .... .... .... .... .... .... ...0 = Chained: False
0000 0000 0000 0000 0000 0000 0000 000. = Reserved: 0x00000000
CompressionAlgorithmId: None (0x0000)
Negotiate Context: SMB2_SIGNING_CAPABILITIES
Type: SMB2_SIGNING_CAPABILITIES (0x0008)
DataLength: 6
Reserved: 00000000
SigningAlgorithmCount: 2
SigningAlgorithmId: AES-GMAC (0x0002)
SigningAlgorithmId: AES-CMAC (0x0001)
Negotiate Context: SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
Type: SMB2_NETNAME_NEGOTIATE_CONTEXT_ID (0x0005)
DataLength: 58
Reserved: 00000000
Netname: Shared Movies._smb._tcp.local
<--Reply by RouterOS-- SMB2 (Server Message Block Protocol version 2)
SMB2 Header
ProtocolId: 0xfe534d42
Header Length: 64
Credit Charge: 0
NT Status: STATUS_SUCCESS (0x00000000)
Command: Negotiate Protocol (0)
Credits granted: 1
Flags: 0x00000001, Response
.... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
.... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
.... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
.... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
.... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY
...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
Chain Offset: 0x00000000
Message ID: 1
Reserved: 0x0000feff
Tree Id: 0x00000000
Session Id: 0x0000000000000000
Signature: 00000000000000000000000000000000
[Response to: 54]
[Time from request: 0.000007000 seconds]
Negotiate Protocol Response (0x00)
[Preauth Hash: 5c8cf3670d9ca5d3b91e2199ac05900e9dc87288dfab3e1ebf702d0fba52eaeafe46ae3070c36de4b1460af9540cd3ceeb601c97b62ba1d73ab22a9a011d192f]
StructureSize: 0x0041
0000 0000 0100 000. = Fixed Part Length: 32
.... .... .... ...1 = Dynamic Part: True
Security mode: 0x01, Signing enabled
.... ...1 = Signing enabled: True
.... ..0. = Signing required: False
Dialect: SMB 3.1.1 (0x0311)
NegotiateContextCount: 3
Server Guid: 00000000-0000-0000-0000-000000000000
Capabilities: 0x0000000c, LARGE MTU, MULTI CHANNEL
.... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
.... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
.... .... .... .... .... .... .... .1.. = LARGE MTU: This host supports LARGE_MTU
.... .... .... .... .... .... .... 1... = MULTI CHANNEL: This host supports MULTI CHANNEL
.... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
.... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
.... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
.... .... .... .... .... .... 0... .... = NOTIFICATIONS: This host does NOT support receiving NOTIFICATIONS
Max Transaction Size: 1048576
Max Read Size: 4194304
Max Write Size: 4194304
Current Time: Jan 19, 2025 19:12:36.820239300 PST
Boot Time: No time specified (0)
Blob Offset: 0x00000080
Blob Length: 74
Security Blob: 604806062b0601050502a03e303ca00e300c060a2b06010401823702020aa32a3028a0261b246e6f745f646566696e65645f696e5f5246433431373840706c656173655f69676e6f7265
GSS-API Generic Security Service Application Program Interface
OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
Simple Protected Negotiation
negTokenInit
mechTypes: 1 item
MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)
negHints
hintName: not_defined_in_RFC4178@please_ignore
NegotiateContextOffset: 0x000000d0
Negotiate Context: SMB2_PREAUTH_INTEGRITY_CAPABILITIES
Type: SMB2_PREAUTH_INTEGRITY_CAPABILITIES (0x0001)
DataLength: 38
Reserved: 00000000
HashAlgorithmCount: 1
SaltLength: 32
HashAlgorithm: SHA-512 (0x0001)
Salt: edb44f22adfc8867776d42525d298d1ee4b228e0690e951e33ad271ab36e6f6a
Negotiate Context: SMB2_ENCRYPTION_CAPABILITIES
Type: SMB2_ENCRYPTION_CAPABILITIES (0x0002)
DataLength: 4
Reserved: 00000000
CipherCount: 1
CipherId: AES-128-GCM (0x0002)
Negotiate Context: SMB2_SIGNING_CAPABILITIES
Type: SMB2_SIGNING_CAPABILITIES (0x0008)
DataLength: 4
Reserved: 00000000
SigningAlgorithmCount: 1
SigningAlgorithmId: AES-CMAC (0x0001)
While I’m sure my router vendor can do better and will eventually address the problem, perhaps my case may shed some light onto similar problems I saw on this forum.