I'm currently trying to harden security on our network and notice on an external port scan that ports 135 & 139 are open. I have looked high and low through NAT and firewall settings but cannot see where this is being enabled from. Is this a known issue or is it used by the VPN?

I have created a rule to block these ports but scans still show them as open.

Any ideas?