I discovered that IPv6 ranges are not working correctly in Samba server configuration section 'hosts allow/deny'. Seems that Samba server allows client connections from outside specified IPv6 ranges: ´´´ $ sudo testparm -V Version 4.19.5-Debian ´´´ ´´´ $ cat smb-test.conf [global] hosts allow = fc00::/7 hosts deny = all [disk_home] path = /test/%u read only = No valid users = @users ´´´ ´´´ $ sudo testparm -s smb-test.conf host-ip ffff:: Load smb config files from smb-test.conf Loaded services file OK. Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback) WARNING: lock directory /run/samba does not exist WARNING: pid directory /run/samba does not exist Server role: ROLE_STANDALONE Allow connection from host-ip (ffff::) to disk_home ´´´