→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ianternet
Engaged Sweeper
I have the premium version and am trying to scan another domain/workgroup

I've set up the domain and domain credentials within Active Scanning and I have set the appropriate details in the IP Range Scanning including the domain 1/2 details, ie workgroup details of these machines as well as snmp community names.

Initiated the scan and on my firewall have opened the snmp port which means I am receiving device information.

Which other firewall ports are recommended to be opened to gather Windows PC information....I've noticed in the firewall that there are a lot blocked requests for a number of ports, eg 25 smtp 445 etc. I don't need to open smtp as I know there are no smtp servers etc.

Cheers

Ian
10 REPLIES 10
AdmJLovejoy
Champion Sweeper
I have run into two issues related to workgroup mode servers. 1. Must use SQL Lansweeperuser account, and 2. Name resolution. I chose to use WINS to solve this, but you can use any method of choice.
Thanks, Jim Lovejoy __________________________________________________________________________________________________ James W. Lovejoy | IBM - Cloud Managed Services Delivery | Infrastructure Architect (Windows Server ...
Hemoco
Lansweeper Alumni
Please contact us by e-mail to troubleshoot.
ianternet
Engaged Sweeper
There are no 3rd party firewalls installed on any of the machines in question.

Ian
Hemoco
Lansweeper Alumni
If the windows firewall isn't blocking it, then most likely a third party firewall is.
ianternet
Engaged Sweeper
Yes I can telnet on port 135

DCom appears to be enabled....I run dcomcnfg and on the default properties tab, Enable Distributed DCom on the computer is checked.

Are there any other requirements for this to work that I could have missed? I know there are quite a number of group policies applied by the IT Manager to his PC's.

Cheers

Ian
Hemoco
Lansweeper Alumni
Can you telnet to port 135 to the target machine?
Also check on the computer that you want to scan if DCOM is enabled, if it's disabled the port will also be closed.
ianternet
Engaged Sweeper
I've literally opened the perimeter firewall for all outgoing connections from the Lansweeper server to the subnet I'm trying to connect which includes my test machine.

I've also disabled the firewall on the test machine, and unfortunately I still get the same errors on the test connection.

I've also entered local admin credentials too.

DNS test
-----------------------------------------------
Is this the correct remote IP: xxx.xxx.xxx.xxx
If not, please check for DNS problems

\root\cimv2 Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Remote WMI test
-----------------------------------------------
\root\cimv2 Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Remote Registry test using WMI
-----------------------------------------------
\root\default Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Still no further I'm afraid.

Cheers

Ian

PS I must be missing something obvious somewhere but what?
gdavid
Champion Sweeper
ianternet,

I was trying to do something similar but from a DMZ. You are probably seeing all the hits on your firewall because lansweeper is attempting to "probe" the computers behind your firewall. The easiest way for you to implement this is to probably setup a second lansweeper scanner behind your firewall and have that scanner scan the computers on that side. you would then only need to open a port from the service to your database on port 1433.

(i think thats all right).
take a look here.

http://www.lansweeper.com/kb/used-TCP-ports.aspx


Since opening up a port from the DMZ to my database server is a bad idea in general. I will most likely go with using a separate scanner in each of my DMZs.
Hemoco
Lansweeper Alumni
The rpc error is caused by a firewall (possible between the 2 subnets), not by incorrect administrator permissions.