
Please Help.

We have a VPN and want to discover clients on Windows as devices.

Every client is already connected to the VPN server.

Server openaudit is also connected to vpn server.

The VPN area is added to the List Discoveries and found machines (PCs) on Linux as router devices with no information about the device.

Many more Linux machines were discovered through the LAN.

The discovery problem is only through the VPN.

In the log of the VPN area discovery, Open-AudIT discovers some open ports on a Linux machine but has not discovered it as a device.

 

 


    4 answers

    1.  

      Thanks to all.

      Mark Henry, thank you for the link. It really helps me.

      The problem was the firewall. And a user there is not "Administrator" but in the admin group.

      I made a script to open needed services:

      ---------------------------------------------------------------------------------------

      rem Let local accounts in the Administrators group keep their full admin token on remote connections (turns off remote UAC token filtering)
      reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

      rem WMI service
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (WMI)" program="%SystemRoot%\system32\svchost.exe" service="winmgmt" protocol=tcp dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      rem DCOM on TCP 135
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (DCOM)" program="%SystemRoot%\system32\svchost.exe" service="rpcss" protocol=tcp localport=135 dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      rem Asynchronous WMI callbacks (unsecapp.exe)
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (ASync)" program="%SystemRoot%\system32\wbem\unsecapp.exe" protocol=tcp dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      rem RPC endpoint mapper (a stray word between name= and program= was removed; netsh rejects unknown tokens)
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (RPC-EPMAP)" program="%SystemRoot%\system32\svchost.exe" service="RPCSS" protocol=tcp localport=RPC-EPMap dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      rem SMB / named pipes on TCP 445
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (NP)" program="System" service="any" protocol=tcp localport=445 dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      rem Dynamic RPC ports for services.exe
      Netsh.exe advfirewall firewall add rule name="Custom free name for your firewall (RPC)" program="%SystemRoot%\system32\services.exe" service="any" protocol=tcp localport=RPC dir=in enable=yes action=allow profile=Public localip=xx.xx.xx.xx-xx.xx.xx.xx remoteip=xx.xx.xx.xx-xx.xx.xx.xx

      --------------------------------------------------------------------------------------

      Run in cmd as Administrator.

      It works now for each Windows Client!

      Thank you guys.

      Best Regards.
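
One way to review what the script above leaves behind on a client, as an added example that is not part of the original post: it prints the LocalAccountTokenFilterPolicy value and lists the matching inbound rules, flagging any whose remote address is unrestricted. `$NamePattern` is an assumption and must match the rule name you passed to netsh.

```powershell
# Added example: review what the firewall script above left behind on one client.
# Run in an elevated PowerShell session on the client.
# $NamePattern is an assumption: use the rule name you passed to netsh.
$NamePattern = 'Custom free name for your firewall*'

# LocalAccountTokenFilterPolicy: 1 means remote connections from local
# Administrators-group accounts get the full admin token (remote UAC filtering off).
$key   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$value = (Get-ItemProperty -Path $key -Name LocalAccountTokenFilterPolicy -ErrorAction SilentlyContinue).LocalAccountTokenFilterPolicy
if ($null -eq $value) { $value = 'not set (treated as 0)' }
Write-Output "LocalAccountTokenFilterPolicy: $value"

# Collect scope details for every rule whose display name matches the pattern.
$rules  = @(Get-NetFirewallRule -DisplayName $NamePattern -ErrorAction SilentlyContinue)
$report = foreach ($rule in $rules) {
    $addr = $rule | Get-NetFirewallAddressFilter
    $port = $rule | Get-NetFirewallPortFilter
    $svc  = $rule | Get-NetFirewallServiceFilter
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Enabled       = $rule.Enabled
        Direction     = $rule.Direction
        Profile       = $rule.Profile
        Service       = $svc.Service
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
        # A rule is unscoped when any remote host may reach it
        Unscoped      = @($addr.RemoteAddress) -contains 'Any'
    }
}

if (-not $report) {
    Write-Output "No firewall rules match '$NamePattern'."
} else {
    $report | Format-Table -AutoSize -Wrap
    $open = @($report | Where-Object Unscoped)
    if ($open.Count -gt 0) {
        Write-Warning "$($open.Count) rule(s) accept connections from any remote address:"
        $open | ForEach-Object { Write-Warning "  $($_.Rule)" }
    }
}
```

Running the netsh script more than once creates duplicate rules with the same name; they appear as repeated rows in the table.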

      1.  

        Your particular VPN product may allow you to configure NetBIOS broadcast forwarding. Alternatively, you could look at implementing a WINS Server on each side of the Brother Wireless Printer Setup VPN to allow clients to a browser. 


        1.  

          Mark Henry thank you for help.

          I have now v. 2.2.7

          Now another issue.

          Open-AudIT couldn't connect to the client WMI during discovery of a Windows client.

          I know that the credentials are correct. Firewall is off. WMI is detected.

          It's from the discovery log:

          -----------------------------------------------------------------------------------------------------

          wmi_helper    windows_credentials    Windows credentials starting                

          wmi_helper    wmi_command    Attempting to execute command using winexe-static-2    fail        

          timeout 5m /usr/local/open-audit/other/winexe-static-2 -U '*****'%****** --uninstall //xx.xx.xx.xx "wmic csproduct get uuid"

          wmi_helper    wmi_command    Attempting to execute command using winexe-static    fail            

          timeout 5m /usr/local/open-audit/other/winexe-static -U '*****'%****** --uninstall //xx.xx.xx.xx "wmic csproduct get uuid"  

          wmi_helper    wmi_command    Credential set for Windows named ****** not working on xx.xx.xx.xx    

          wmi_helper    windows_credentials    Windows credentials complete. No working Windows credentials for xx.xx.xx.xx found.

          ------------------------------------------------------------------------------------------------------

          What could be wrong?

          Have you any idea?

          By the way, it's still the VPN area.

          Thanks.

          1. Mark Henry

            OK, good progress there. Keep in mind you will need to change the type classification on anything mis-typed as a 'router', as Open-AudIT won't change that automatically. Regarding the Windows machines not executing the WMI commands, please refer to this wiki page: https://community.opmantek.com/display/OA/Target+Client+Configuration Mark H

        2.  

          Paul,

          Open-AudIT v2.2.6 had a bug where 'unknown' devices were mis-typed as 'router'. If you are on v2.2.6 please upgrade to 2.2.7 as soon as possible.

          If your Open-AudIT server is seeing the devices through the VPN, and the issue above is not the problem, then please check the Troubleshooting page on the Open-AudIT wiki: Troubleshooting
