This issue needs a solution.

Using DameWare Mini Remote Control with SEP12.1 FW policy

Created: 13 Dec 2012
Login to vote
0 0 Votes

G'day, we use SEP12.1 with the FW policy rule enabled to block local file sharing from external computers, ports UDP 137, UDP 138, TCP 139, & TCP 445. I want to create a new rule to allow the traffic from the DameWare APPLICATION (using the executable) only, through the ports, also allowign the DW port. I have created the rule below the BLOCK rule - please see attachment - but it still blocks it. Can you please help?? We have Win7 and Win XP OS versions.

Filed Under

Comments

13
Dec
2012

Move the rule 6 above the

Move the rule 6 above the blue line

update the policy check if that works.

Ajit Jha
Partner
Accredited
13
Dec
2012

Hope the Application name is

Hope the Application name is correct along with the ports. Move the DM Policy on the Top.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

13
Dec
2012

took this from Dameware

took this from Dameware forum

 

Spoke to Symantec Tech support. On the Symantec Endpoint Protection Manager we went to "Policies", "Firewall", "Edit", select "Global" or the group you want the policy to be applied to, click "Rules", "Add Black Rule".

A new row appears, under name replace "Rule0" with Dameware, under "Services" "Add" a service with the TCP protocol selected and local & remote ports set to 6129 and direction set to both.

The tech had us move that rule all the way up in order. After a few minutes the change propagated to the test machines and we were good. We were also able to install the Dameware solution without creating any additional rules for 137, 139 ...

http://forums.dameware.com/viewtopic.php?f=9&t=343

13
Dec
2012

Thanks for the repliesĀ  - i

Thanks for the replies  - i truely appreciate the assistance..

Ok - so firstly - i am unsure if the application executable is correct - i also engaged SolarWinds (Dameware) to assist in that, as i would like to restrict access to the DW app only.. Anyway, so i upped the rule to just above the blue line - but did not work.

I am testing the rule i now modified from Rafeeq's second post from Dameware forums. I will let you know.. Thanks buddies :-)

13
Dec
2012

nooooooo!!!! Stinot work. I

nooooooo!!!! Stinot work. I have registered at the dameware site and will also add this thread on their forums. There must be a solution - still maybe using the application exe, and correct ports... sigh**

If i do find a solution i will post it here as well... Thanks everyone. If you have any more ideas please let me know.

I have tried all the file share ports, along with 6129.. still nothing... will keep trying..

13
Dec
2012

can you post the screen shot

can you post the screen shot of dameware getting blocked?

 

13
Dec
2012

My DW rule (configured for

My DW rule (configured for all ports as per the "block file sharing... " Rule), is right at the top of the list. Now, DW still gives access denied error, however, the logs on my client displays port 547 as being blocked, under rule "Block all other IP traffic and log"... It is as if it now does not even read my rule right at the top...

DW just has a normal pop-up that says access denied. This is due to the ADMIN$ share being disabled when the file sharing rule is enabled. DW wants to install the agent to the ADMIN$...share.

 

DWvsSEP12FW.jpg
_Brian
Trusted Advisor
Certified
27
Dec
2012

The executable to use is

The executable to use is dwrcs.exe

Is this the one you're using?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.