Scanning another domain/workgroup

ianternet · ‎10-06-2010

I have the premium version and am trying to scan another domain/workgroup

I've set up the domain and domain credentials within Active Scanning and I have set the appropriate details in the IP Range Scanning including the domain 1/2 details, ie workgroup details of these machines as well as snmp community names.

Initiated the scan and on my firewall have opened the snmp port which means I am receiving device information.

Which other firewall ports are recommended to be opened to gather Windows PC information....I've noticed in the firewall that there are a lot blocked requests for a number of ports, eg 25 smtp 445 etc. I don't need to open smtp as I know there are no smtp servers etc.

Cheers

Ian

AdmJLovejoy · ‎10-10-2010

I have run into two issues related to workgroup mode servers. 1. Must use SQL Lansweeperuser account, and 2. Name resolution. I chose to use WINS to solve this, but you can use any method of choice.

Thanks, Jim Lovejoy __________________________________________________________________________________________________ James W. Lovejoy | IBM - Cloud Managed Services Delivery | Infrastructure Architect (Windows Server ...

Hemoco · ‎10-08-2010

Please contact us by e-mail to troubleshoot.

ianternet · ‎10-07-2010

There are no 3rd party firewalls installed on any of the machines in question.

Ian

Hemoco · ‎10-07-2010

If the windows firewall isn't blocking it, then most likely a third party firewall is.

ianternet · ‎10-07-2010

Yes I can telnet on port 135

DCom appears to be enabled....I run dcomcnfg and on the default properties tab, Enable Distributed DCom on the computer is checked.

Are there any other requirements for this to work that I could have missed? I know there are quite a number of group policies applied by the IT Manager to his PC's.

Cheers

Ian

Hemoco · ‎10-07-2010

Can you telnet to port 135 to the target machine?
Also check on the computer that you want to scan if DCOM is enabled, if it's disabled the port will also be closed.

ianternet · ‎10-07-2010

I've literally opened the perimeter firewall for all outgoing connections from the Lansweeper server to the subnet I'm trying to connect which includes my test machine.

I've also disabled the firewall on the test machine, and unfortunately I still get the same errors on the test connection.

I've also entered local admin credentials too.

DNS test
-----------------------------------------------
Is this the correct remote IP: xxx.xxx.xxx.xxx
If not, please check for DNS problems

\root\cimv2 Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Remote WMI test
-----------------------------------------------
\root\cimv2 Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Remote Registry test using WMI
-----------------------------------------------
\root\default Remote WMI access test FAILED
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

Still no further I'm afraid.

Cheers

Ian

PS I must be missing something obvious somewhere but what?

gdavid · ‎10-06-2010

ianternet,

I was trying to do something similar but from a DMZ. You are probably seeing all the hits on your firewall because lansweeper is attempting to "probe" the computers behind your firewall. The easiest way for you to implement this is to probably setup a second lansweeper scanner behind your firewall and have that scanner scan the computers on that side. you would then only need to open a port from the service to your database on port 1433.

(i think thats all right).
take a look here.

http://www.lansweeper.com/kb/used-TCP-ports.aspx

Since opening up a port from the DMZ to my database server is a bad idea in general. I will most likely go with using a separate scanner in each of my DMZs.

Hemoco · ‎10-06-2010

The rpc error is caused by a firewall (possible between the 2 subnets), not by incorrect administrator permissions.

Scanning another domain/workgroup

New to Lansweeper?

Try Lansweeper For Free