Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Symantec AV Remote Client Install

Posted on 2007-11-25
12
Medium Priority
?
849 Views
Last Modified: 2013-12-09
I have Symantec Anti Virus 10 Corp Edition on my Windows 2003 SBS with AD running. I have been able to remote install domain clients on my own sub-net (192.168.1.x), but when adding a machine (called Home) that is on the other end of a (linksys hardware) VPN, which is on 192.168.2.x subnet, I get an error message from the remote install utility "Network Name Not Found. Unable to detect the standard network share, ADMIN$, on <Home>"

The Home machine is able to log in to the domain, and access network resources, such as Exchange Mailboxes and Public Folders. I can see the other machines in the Domain, including the Server, in the Entire Network.

I have disabled hardware firewalls on both ends, and added TCP port 2967 exception on Windows Firewall on Home client. I have primary DNS set to the Server (192.188.1.2) and two external DNS servers (Comcast) on the Home cleint. WINS is set to 192.168.1.2, and Enable NETBIOS is checked.

I can not connect to the Home client from a different workstation on the domain, however, since it says //Home is not accessible. You might not have permission, the network path was not found. Not sure if this is related. I can RWW into the Home client.

Any ideas? Thanks.
0
Comment
Question by:Rich
  • 7
  • 5
12 Comments
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 20346171
  I assume you can connect via ip address like \\192.168.2.x
    *Make sure windows firewall is disabled in home computer
    *Make sure ucp 137-138 tcp 139 and 445 ports are not blocked by any device/software
    *Can you ping the home client by its name?
0
 

Author Comment

by:Rich
ID: 20346313
I can not connect (using Add Network Place Wizard) to \\Home since there is no shared resource (I get the error "Windows requires a share to publish to. Please try another location.") When I browse to a Network place, the Home client is in the list, but does not expand to show any shared resources.

"ping 192.168.2.100" is successful from Server side of VPN
"ping home.GagnonConsulting.local" is successful from Server side of VPN

The Windows Firewall on the client is set in Group Policy from Server. I attempted to manually add exceptions for the 4 ports you mentioned, but got the following messages, indicating that they were already open.
137 UDP - NetBIOS Name Service already exists for this port
138 UDP - NetBIOS Datagram Service
139 TCP - NetBios Session Service
445 TCP - SMP over TCP
0
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 20346331
 Wait a minute, Is home computer not a domain member?
  Can you reach \\192.168.2.100 from server side?
  If home computer is not a member of domain, then you should enable simple file and printer sharing
  http://support.microsoft.com/kb/304040/en
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Rich
ID: 20346452
Home computer is a member of the domain. Simple file sharing is disabled. I can see it listed under the domain in Entire Network/Microsoft Windows Network/Gagnonconsultin/Home, but when I click on it, it does not open (like the other domain computers do.) The error message is that \\Home is not accessible. You might not have permission to use this network resoucre. The network path was not found.

What is the best way to test if I can reach \\192.168.2.100 from server side? I can ping it.
0
 

Author Comment

by:Rich
ID: 20346467
If if type in \\192.168.2.100 in the address bar, I get the error that Windows cannot find '\\192.168.2.100'.

The search for Computer Name: \\192.168.2.100 displays no results, nor does searching for \\Home.GagnonConsulting.local
0
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 20347030
 type it in start>run not address bar
0
 

Author Comment

by:Rich
ID: 20347637
OK, tried that and it returns (after a wait) "The Network Path was not found"
0
 
LVL 29

Accepted Solution

by:
Alan Huseyin Kayahan earned 2000 total points
ID: 20348798
if ping 192.168.2.100 successfull from server side and you can not reach via \\192.168.2.100 , that means one of the above ports I mentioned is somehow blocked, either by a firewall or by tunnel ACL
0
 

Author Comment

by:Rich
ID: 20349913
Do you know a way to test a specific port for comms? I don't think that I can Ping on a specific port, but I am going to check the man pages.
0
 

Author Comment

by:Rich
ID: 20350052
I just checked out the Shields UP program from GRC, and had it check my network from the outside. It only shows ports 80, 443 and 444 open, and the ports 25, 135, 136, 137, 138, 139 and 445 in the list as Stealth. Apparently, stealth means that these ports are blocked somewhere my computer and the Pulbic Internet. Given I have disabled the hardware Firewall and specifically opened these ports on the client PC, I guess that Comcast must be blocking the ports. If this is true, I guess it is out of my control, and I will have to install the AV client manually, from the disk.
0
 

Author Comment

by:Rich
ID: 20350063
Thanks for you help with this, MrHusy. I have at least learned something.
0
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 20350161
 For more learning, you can use telnet for testing ports. For example, if you type the following
    telnet 192.168.1.200 137
   You get a blank black screen if the 137 port is open in 192.168.1.200.

You are welcome :)
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question