
Problem with sep firewall and dameware mini remote access

Created: 31 Dec 2012 • Updated: 31 Dec 2012 | 12 comments
This issue has been solved. See solution.

I have a problem between sep firewall and dameware mini remote.

I've allowed port 6129 in the firewall and when I try to remote to the pc it waits at authenticating for around two or three minutes before I can get a remote desktop. So something else is not working correctly.

If I disable the firewall everything works fine. No delay when remoting in. The remote PC is a special-purpose machine which only has the SEP firewall on it, no other components. Only certain traffic will be allowed and all else is denied. It is unmanaged, obviously.


Ashish Bhatia's picture

Thanks for the reply, but did you bother to read my post? Dameware works, it's just a delay of two or three minutes.

.Brian's picture

The problem is not Dameware but with the authentication process it sounds like.

In Dameware, what authentication type are you using? Are you authenticating against your domain? (I assume this PC is on a domain?)

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ashish Bhatia's picture

Yes, I use the Windows NT challenge/response to authenticate against the domain with my credentials.

.Brian's picture

Then it sounds like the traffic that is involved with the authentication process is being blocked. I'm not sure of your setup, but typically the PC will try to authenticate to the local DC, and if it can't contact it, it will try to look for the secondary DC and so on down the line. It sounds like the DC traffic is being blocked and eventually Dameware allows the connection, perhaps using something like cached credentials.

What's the last rule in your firewall config?


Ashish Bhatia's picture

The last rule denies all other traffic than what is already allowed.

.Brian's picture

So that is likely the problem. I bet if you disabled the deny rule it works fine, correct?

Add in a new firewall rule to allow traffic to/from whichever DC you authenticate to and move it to the top. It should then work as expected.


SOLUTION
Ashish Bhatia's picture

Yes, now this works!

I also added a rule for the DC, moved it to the top and enabled the deny-all rule, and it still works!

So the problem I see is trying to figure out which traffic needs to be allowed. Goes beyond the Dameware issue?

.Brian's picture

Yes, it could become quite painful trying to figure out all that needs to be allowed.

You could always make the client managed and create rules from the SEPM. There is more flexibility writing rules in the SEPM than there is on the unmanaged client itself.


Ashish-Sharma's picture

Hi,

Did you try to exclude Dameware ?

Thanks In Advance

Ashish Sharma

 

 

Ashish-Sharma's picture

Hi,

I know your Dameware works, but you can try to exclude the application and check whether it's still taking time or not ...

Thanks In Advance

Ashish Sharma
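An added example, not part of any post in this thread: one way to narrow down which traffic to the DC the deny-all rule is dropping, by probing from the firewalled PC and separating silently dropped connections (the kind that produce long authentication waits) from open or refused ones. The port list and the host name `dc01.example.test` are assumptions, not values from the thread.

```python
import socket
import sys

# Assumed, commonly used domain-controller TCP services (not listed in the
# thread); edit to match what your clients actually use.
DC_TCP_PORTS = {
    53: "DNS",
    88: "Kerberos",
    135: "RPC endpoint mapper",
    389: "LDAP",
    445: "SMB",
    3268: "Global Catalog",
}

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt: open, refused, filtered or error."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"      # reached the host, nothing listening
    except socket.timeout:
        return "filtered"     # no answer at all: packets dropped on the way
    except OSError:
        return "error"        # e.g. name lookup failed or local stack refused
    finally:
        s.close()

def survey(host, ports=DC_TCP_PORTS, timeout=3.0):
    """Probe every listed port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}

def blocked_candidates(results):
    """Ports worth an explicit allow rule above the final deny-all rule."""
    return sorted(p for p, state in results.items()
                  if state in ("filtered", "error"))

if __name__ == "__main__":
    # Placeholder DC name; pass your own DC as the first argument.
    dc = sys.argv[1] if len(sys.argv) > 1 else "dc01.example.test"
    results = survey(dc)
    for port, state in sorted(results.items()):
        print(f"{dc}:{port:<5} {DC_TCP_PORTS[port]:<20} {state}")
    print("candidates for allow rules:", blocked_candidates(results))
```

Run it once with the deny-all rule enabled and once with it disabled; ports that change from filtered to open are the ones the DC allow rule has to cover. It checks TCP only, so UDP services and dynamically assigned RPC ports still need to be confirmed in the firewall's own traffic log.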