teejayuu
Engaged Sweeper
Hi

We have a Windows 2003 AD domain that only (at present) has XP SP3 clients. Some of our laptops are used by folks that work from home and these connect to the network using a VPN tunnel to our ISA Server 2006 'firewall'. None of these are scanned unless they physically connect to the network.

I have implemented Windows Firewall settings via Group Policy and ensured that the RPC and WMI KBs have been followed.

Is there a way to scan endpoints through a VPN tunnel?

Thanks
Tony
Tony In view of the fact that God limited the intelligence of man, it seems unfair that He did not also limit his stupidity. Konrad Adenauer
Hemoco
Lansweeper Alumni
WMI is using random ports after the first connection: http://www.lansweeper.com/kb/used-TCP-ports.aspx
teejayuu
Engaged Sweeper
Quick update - it seems that the Firewall (ISA Server 2006 Std) was blocking port 135. I've created a rule to allow it through from the Internal to VPN Clients.

Am now getting just RPC server is unavailable 0x800706BA (10.1.1.118)
Hemoco
Lansweeper Alumni
If the Windows Firewall is off, then something in between must be causing the RPC problem.

Can you check the ISA Server log to see if it's dropping traffic between the Lansweeper server and the VPN client?
Hemoco
Lansweeper Alumni
What is the waittime for software in your configuration?
Do you see any RPC errors (or other errors)?
Lansweeper wrote:
What is the waittime for software in your configuration?

2 days, although the previous scan was done on the 7th January
Lansweeper wrote:
Do you see any RPC errors (or other errors)?

Yes:
The RPC server is unavailable 0x800706BA(REL2651.domain.org.uk,REL2651,10.1.1.118)
Cannot connect to DCOM port 135:Firewalled? (REL2651)

As per my original post, I have worked through all the KBs around this and it only appears about 3 minutes after I run LSClient - I've even turned Windows Firewall off.
Hemoco
Lansweeper Alumni
teejayuu wrote:

The RPC server is unavailable 0x800706BA(REL2651.domain.org.uk,REL2651,10.1.1.118)
Cannot connect to DCOM port 135:Firewalled? (REL2651)

Is 10.1.1.118 the correct IP address of the client?
Do you see a different IP address if you use the lsclient /scanonip option?
Lansweeper wrote:
Is 10.1.1.118 the correct IP address of the client?
Do you see a different IP address if you use the lsclient /scanonip option?

Sorry, I forgot to mention that 10.1.1.118 is the correct IP address and is the same regardless of whether I use /scanonip or not.

Cheers
teejayuu
Engaged Sweeper
Hi Lansweeper

I now have scanning through the VPN tunnel using LSClient (with and without the scanonip switch). Unfortunately it does not seem to be updating the software tab (which at the moment is my main concern), although it does update the last logon as shown in Config > User info. Is this by design or do I need to use something else?

Cheers
Tony
Hemoco
Lansweeper Alumni
If the RPC error occurs, please check the IP address that Lansweeper tries to scan.
It's possible that your DNS server is not updated and Lansweeper tries to scan the internal IP address of the client.

You can try lsclient with the "/scanonip" option on the VPN computers.
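
The two checks raised in this thread (does DNS return the client's tunnel address, and does port 135 answer on that address) can be run from the scanning server as below. This is an added Python example, not part of the original thread and not Lansweeper code; the function names, verdict strings and the sample host and IP are assumptions made up for illustration.

```python
import socket

RPC_ENDPOINT_MAPPER = 135  # port named in the thread's error message


def tcp_open(ip, port=RPC_ENDPOINT_MAPPER, timeout=3.0):
    """Return True if a TCP connection to ip:port completes within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def resolve_ipv4(hostname):
    """Return the sorted IPv4 addresses DNS gives for hostname (empty if none)."""
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def diagnose(hostname, vpn_ip, resolve=resolve_ipv4, probe=tcp_open):
    """Classify why a scan of a VPN client might fail.

    vpn_ip is the address the client holds on the tunnel (from ipconfig on it).
    resolve and probe are injectable so the logic can be exercised offline.
    """
    findings = []
    dns_ips = resolve(hostname)
    if not dns_ips:
        findings.append("dns-no-record")
    elif vpn_ip not in dns_ips:
        # Stale record: a scan by name goes to the wrong address.
        findings.append("dns-stale")
    if probe(vpn_ip):
        # 135 answers, so a remaining 0x800706BA points at the random
        # ports WMI moves to after the first connection.
        findings.append("135-open-check-dynamic-ports")
    else:
        findings.append("135-blocked")
    return findings


if __name__ == "__main__":
    # Constructed sample values; replace with a real client name and tunnel IP.
    print(diagnose("client01.example.test", "192.0.2.10"))
```

A "135-open-check-dynamic-ports" result together with a continuing RPC error means the firewall log between the server and the VPN clients is the next place to look.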