Dealership Using Advent - Ports Block…

zero6699

Hi everyone,

I'm working with a dealership that uses Advent as there DMS (Dealer Management System).  The way there solution works is by having an Cisco ASA connected
from the wan to the lan with a static ip address on both wan and lan and builds up a VPN to there network. There was a sonicwall in place that was working with this config.
Currently I have setup a gateway that points to the static LAN IP address and then setup a static route that says 1.1.1.0/26 is out this gateway. 
Since the ASA is on the LAN I figured I would not need to set any firewall rules since I think the PFSense see it as all LAN traffic anyways, but just trying to get it to
work i have made 2 rules that says any traffic to/from is allowed. As of now it works but we cannot print.  The way printing works is you share a printer from a
windows computer configure the terminal server per user that they are using 192.168.0.12 and there printer share name is oki. 
There is also a user made on the computer that has access to the printer and that is the credentials used for printing.  I have been told by there support that it is because ports are
being blocked.  Not sure what to try next.  Below is a bit of a diagram of how the network is configured.

Any help would be greatly appreciated.

+–----+
|WAN |
+--+--+
  |
  |              +---------------+
  +----------+ Switch        |
                ++-----------++
                    |              |
                    |              |
                    |2.2.2.1  |2.2.2.2
                    |          ++------+
          +------+--+    | ASA    | VPN Tunnel to 1.1.1.78
          |PFsense |    |            |
          |              |    +---+----+
          +--+------+          | 192.168.0.222
              | 192.168.0.1 | 
              |                    |
              |                    |
              |      +----------+--+
              +----+                  |
                      |    LAN        |
                      +--------------+

zero6699

Ok so setting up a default route was too much not needed? I have since removed it and the program still works.

In other things. I ran some packet capture on PFSense just watching port 445 and I got this.

10:53:31.077123 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:34.078879 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:40.073200 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:41.085657 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:44.085386 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:50.085715 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:51.084497 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:53:54.087917 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:54:00.089179 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:54:01.093382 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50848: tcp 0

So I think this shows trafic is going to the computer so I ran wireshark on the client pc and this is what i captured with (tcp.port == 445).

https://pastebin.com/Y26M2a6a