4 answers
Thanks to all.
Mark Henry, thank you for the link. It really helps me.
The problem was the firewall. Also, the user there is not "Administrator" but is in the admin group.
I made a script to open the needed services:
---------------------------------------------------------------------------------------
REM Turn off UAC remote token filtering so that members of the local admin group get a full admin token over the network.
REM This applies to every local admin account on the machine, not only the audit account.
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
REM Inbound allow rules for remote WMI. The xx.xx.xx.xx values are redacted address ranges; localip/remoteip scope each rule to those ranges.
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (WMI)" program="%SystemRoot%\system32\svchost.exe" service="winmgmt" protocol=tcp dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (DCOM)" program="%SystemRoot%\system32\svchost.exe" service="rpcss" protocol=tcp localport=135 dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (ASync)" program="%SystemRoot%\system32\wbem\unsecapp.exe" protocol=tcp dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (RPC-EPMAP)" program="%SystemRoot%\system32\svchost.exe" service="RPCSS" protocol=tcp localport=RPC-EPMap dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
REM SMB / named pipes on TCP 445.
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall(NP)" program="System" service="any" protocol=tcp localport=445 dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
REM Dynamic RPC ports used by services.exe (remote service management).
Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (RPC)" program="%SystemRoot%\system32\services.exe" service="any" protocol=tcp localport=RPC dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx
--------------------------------------------------------------------------------------
Run in cmd as Administrator.
It works now for each Windows Client!
Thank you guys.
Best Regards.
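A read-only check of the state the script in the answer above leaves on a client, as an added example that is not part of the original post: it reports the `LocalAccountTokenFilterPolicy` value and lists enabled inbound allow rules that touch the same services, programs and ports, marking any rule whose remote address is unrestricted. The match lists are taken from the posted script; the variable names are illustrative.

```powershell
# Added example: audit only, changes nothing. Run in an elevated PowerShell.

# Services, programs and ports opened by the posted netsh rules.
$services = 'winmgmt', 'rpcss'
$programs = '*\wbem\unsecapp.exe', '*\services.exe'
$ports    = '135', '445', 'RPC', 'RPCEPMap'

# 1. UAC remote token filtering: 1 = local admin-group accounts receive a
#    full administrator token on remote logon; absent or 0 = filtered token.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$latfp = (Get-ItemProperty -Path $key -Name LocalAccountTokenFilterPolicy `
          -ErrorAction SilentlyContinue).LocalAccountTokenFilterPolicy
if ($latfp -eq 1) {
    Write-Output 'LocalAccountTokenFilterPolicy = 1 (remote UAC filtering is OFF)'
} else {
    Write-Output 'LocalAccountTokenFilterPolicy not set or 0 (remote UAC filtering is ON)'
}

# 2. Enabled inbound allow rules that expose the WMI/DCOM/RPC/SMB surface.
$report = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True) {
    $svc  = ($rule | Get-NetFirewallServiceFilter).Service
    $app  = ($rule | Get-NetFirewallApplicationFilter).Program
    $port = ($rule | Get-NetFirewallPortFilter).LocalPort
    $addr = $rule | Get-NetFirewallAddressFilter

    $hit = ($services -contains $svc) -or
           ($programs | Where-Object { $app -like $_ }) -or
           ($port | Where-Object { $ports -contains $_ })
    if (-not $hit) { continue }

    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        Service       = $svc
        LocalPort     = $port -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
        # True when the rule accepts connections from any source address.
        OpenToAny     = $addr.RemoteAddress -contains 'Any'
    }
}

# Unrestricted rules first, so they are the first thing reviewed.
$report | Sort-Object OpenToAny -Descending | Format-Table -AutoSize
```

Built-in rules on ports 135 and 445 show up in the same table, which makes it easy to compare their scope with the custom rules.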
Your particular VPN product may allow you to configure NetBIOS broadcast forwarding. Alternatively, you could look at implementing a WINS Server on each side of the Brother Wireless Printer Setup VPN to allow clients to a browser.
Mark Henry, thank you for the help.
I now have v. 2.2.7.
Now there is another issue.
Open-AudIT couldn't connect to the client's WMI while discovering a Windows client.
I know that the credentials are correct. The firewall is off. WMI is detected.
This is from the discovery log:
-----------------------------------------------------------------------------------------------------
wmi_helper windows_credentials Windows credentials starting
wmi_helper wmi_command Attempting to execute command using winexe-static-2 fail
timeout 5m /usr/local/open-audit/other/winexe-static-2 -U '*****'%****** --uninstall //xx.xx.xx.xx "wmic csproduct get uuid"
wmi_helper wmi_command Attempting to execute command using winexe-static fail
timeout 5m /usr/local/open-audit/other/winexe-static -U '*****'%****** --uninstall //xx.xx.xx.xx "wmic csproduct get uuid"
wmi_helper wmi_command Credential set for Windows named ****** not working on xx.xx.xx.xx
wmi_helper windows_credentials Windows credentials complete. No working Windows credentials for xx.xx.xx.xx found.
------------------------------------------------------------------------------------------------------
What could be wrong?
Do you have any idea?
By the way, it's still the VPN area.
Thanks.
- Mark Henry
OK, good progress there. Keep in mind you will need to change the type classification on anything mis-typed as a 'router', as Open-AudIT won't change that automatically. Regarding the Windows machines not executing the WMI commands, please refer to this wiki page: https://community.opmantek.com/display/OA/Target+Client+Configuration
Mark H
Paul,
Open-AudIT v2.2.6 had a bug where 'unknown' devices were mis-typed as 'router'. If you are on v2.2.6 please upgrade to 2.2.7 as soon as possible.
If your Open-AudIT server is seeing the devices through the VPN, and the issue above is not the problem, then please check the Troubleshooting page on the Open-AudIT wiki: Troubleshooting
Please help.
We have a VPN and want to discover clients on Windows as devices.
Every client is already connected to the VPN server.
The Open-AudIT server is also connected to the VPN server.
The VPN area is added to the List Discoveries, and it found machines (PCs) on Linux as router devices with no information about the device.
Many more Linux machines were discovered through the LAN.
The discovery problem occurs only through the VPN.
In the log of the VPN area discovery, Open-AudIT discovers some open ports on a Linux machine but does not discover it as a device.