Dealership Using Advent - Ports Block…
-
Hi everyone,
I'm working with a dealership that uses Advent as there DMS (Dealer Management System). The way there solution works is by having an Cisco ASA connected
from the wan to the lan with a static ip address on both wan and lan and builds up a VPN to there network. There was a sonicwall in place that was working with this config.
Currently I have setup a gateway that points to the static LAN IP address and then setup a static route that says 1.1.1.0/26 is out this gateway.
Since the ASA is on the LAN I figured I would not need to set any firewall rules since I think the PFSense see it as all LAN traffic anyways, but just trying to get it to
work i have made 2 rules that says any traffic to/from is allowed. As of now it works but we cannot print. The way printing works is you share a printer from a
windows computer configure the terminal server per user that they are using 192.168.0.12 and there printer share name is oki.
There is also a user made on the computer that has access to the printer and that is the credentials used for printing. I have been told by there support that it is because ports are
being blocked. Not sure what to try next. Below is a bit of a diagram of how the network is configured.Any help would be greatly appreciated.
+–----+
|WAN |
+--+--+
|
| +---------------+
+----------+ Switch |
++-----------++
| |
| |
|2.2.2.1 |2.2.2.2
| ++------+
+------+--+ | ASA | VPN Tunnel to 1.1.1.78
|PFsense | | |
| | +---+----+
+--+------+ | 192.168.0.222
| 192.168.0.1 |
| |
| |
| +----------+--+
+----+ |
| LAN |
+--------------+ -
Ok so setting up a default route was too much not needed? I have since removed it and the program still works.
In other things. I ran some packet capture on PFSense just watching port 445 and I got this.
10:53:31.077123 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:34.078879 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:40.073200 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50841: tcp 0 10:53:41.085657 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:44.085386 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:50.085715 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50843: tcp 0 10:53:51.084497 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:53:54.087917 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:54:00.089179 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50847: tcp 0 10:54:01.093382 IP 192.168.95.132.microsoft-ds > 172.23.22.11.50848: tcp 0
So I think this shows trafic is going to the computer so I ran wireshark on the client pc and this is what i captured with (tcp.port == 445).
https://pastebin.com/Y26M2a6a