2 answers
- 10-1
I had an intuitive feeling that disablibg Blessed Subnets would be a workaround, but didn't try it because I think you did the right thing by creating Blessed Subnets. I thought I was missing some configuration that would tell clients to use IP4 addresses in their reports.
Now I can't help wondering, why am I the only one to report this problem? If it's not something obvious that I missed, if it's because of the way Blessed Subnets work, wouldn't everyone have this problem?
- Mark Unwin
It's something on the web server side, I suspect. And yes - you are the only person to report this, so far :-)
- Norman Diamond
Aha. Maybe I'm the only one who used a Windows server and let the default installation use Apache instead of IIS.
- Mark Unwin
I have an answer. I'll get it into our next release. For the meantime, just disable blessed_subnets. Apologies for any inconvenience. For reference - http://stackoverflow.com/questions/12435582/php-serverremote-addr-shows-ipv6 Thanks for reporting the issue :-)
Add your comment... - 10-1
Hi Norman,
The logs containing IPv6 addresses is the issue. Open-AudIT will check the IP that's submitting the result and if it's not in the list of Blessed Subnets, it will be rejected, We only store IPv4 subnets, so an IPv6 address won't match any of them (hence, no devices being discovered).
You can disable Blessed Subnets in the configuration (set blessed_subnets_use to n).
I'll look into this.
Mark.
Add your comment...
I'm a newbie to Open-audIT and Open-audIT Enterprise. I set up a virtual host-only network with Windows 2012 R2 Active Directory server and DHCP server in one virtual PC and Windows 10 in the other virtual PCs.. Active Directory Users and Computers sees itself as domain controller and other virtual PCs except one as clients. Part of the experiment is that one virtual PC didn't join the domain. The server has static IP4 address 10.10.100.1 and all other PCs get IP4 addresses by DHCP in 10.10.100.0/24. All can ping each other.
Open-audIT Enterprise 20-node licence is running in the server.
The Blessed Subnet 10.10.100.0/24 works.
First I want to Discover Active Directory, hoping to discover all except that one PC that didn't join the domain.
But the log contains a bunch of error messages "Audit submission from an IP not in the list of blessed subnets", all containing IP6 addresses and no IP4 addresses.
The Open-audIT Enterprise server doesn't find any computers at all, not even itself.
What do I need to fix?
(By coincidence the real PC hosting the virtual network also has an older Open-audIT Enterprise experiment installed. The real PC runs Windows 10 in a workgroup with no domains. The real installation has a few network connections in /24 IP4 subnets but none of them include 10.10.anything so the virtual PCs are even isolated from the real one. The real installation discovered itself in one of its real /24 IP4 subnets a few weeks ago.)