Symantec Ghost over VPN

Tags: Development, Firewalls, Forensics, Incident response, Intrusion management, Network security, Networking, VPN, Wireless
I'm trying to get Symantec Ghost to run over our VPN, but have been unable to get the Ghost server to see any clients behind the other VPN endpoint. We are using 2 different routers that are both set up as VPN endpoints using IPsec. One router is a Netgear FVS328, and the other is a Xincom XC-DPG503. All computers are running Windows XP Professional SP2. I am able to ping/see/connect to/from any computer behind one router to/from any computer behind the other router. Unfortunately, I am not able to see any computers within the Symantec Ghost Console that are not behind the same router as the Ghost server (i.e., they never show up in any of the machine groups, dynamic machine groups, or under Network). I'm guessing that the Ghost server and clients must send some of their communications using some protocol(s) other than TCP or UDP, since any TCP or UDP traffic should be able to make it across the VPN. Any and all help/suggestions are greatly appreciated.

Answer Wiki


Install firewall software like Zone Alarm on the Norton Ghost server machine, then start the Norton Ghost server. The firewall software (Zone Alarm) will ask for approval for the ports. Note down the ports and open them in your hardware firewall; that's all, it should work. Or go through the help manual, take a list of the ports that Norton Ghost communicates on, and open those ports in your firewall.

Discuss This Question: 4  Replies

 
  • HatcherBob
    I agree with sfrye1106. You can also use a sniffer to capture network traffic and get the ports needed.
  • Paul144hart
    I'd the VPN box as well, since sometimes the high number ports can be disabled (not in the well known group). Also, I tried running Ghost server to a client once that was more than one hop away and it would work. Seems the routers between the local switches won't pass the traffic. (I moved the machine to solve the problem.)
  • Sfrye1106
    So, I'm starting to narrow down the problem. Based on information from Symantec (and from inspecting packets on my own), clients discover the Ghost server by sending a UDP packet from port 1347 with a destination port of 1345. Furthermore, it sends it with a multicast destination address of 229.55.150.208. Both routers are set up to allow traffic from an IP address range. For example, all computers behind router 1 are in the 192.168.1.x range, and all computers behind router 2 are in the 192.168.2.x range. I think what is happening is that because the Ghost client packets aren't specifically addressed to the Ghost server, and instead use a multicast address, those packets never make it across the VPN to the Ghost server. I'm kind of stumped as to how to go about resolving this though.
  • Paul144hart
    RE: "Furthermore, it sends it with a multicast destination address of 229.55.150.208." Sounds like there must be a setup for the client - this address doesn't make sense. But if that's the way it is, you could add the 229 subnet for routing to the 192 subnet with the Ghost server in that subnet. Definitely a brute force fix.
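
The selector mismatch described in the thread, as an added example that is not part of the original posts: it parses a captured IPv4/UDP header and checks it against the two LAN ranges the routers allow. The /24 selectors, the host addresses 192.168.2.50 and 192.168.1.10, and all function names are assumptions made for illustration; the sample packets are constructed and never sent.

```python
import ipaddress
import socket
import struct

# Assumption: each router tunnels only traffic between these two LAN ranges.
TUNNEL_SELECTORS = [
    (ipaddress.ip_network("192.168.1.0/24"), ipaddress.ip_network("192.168.2.0/24")),
]

def parse_ipv4_udp(packet: bytes):
    """Return (src, dst, sport, dport) from a raw IPv4 packet carrying UDP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # header length in bytes
    if ihl < 20 or len(packet) < ihl + 8:
        raise ValueError("truncated packet")
    if packet[9] != socket.IPPROTO_UDP:
        raise ValueError("not UDP")
    src = ipaddress.IPv4Address(packet[12:16])
    dst = ipaddress.IPv4Address(packet[16:20])
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return src, dst, sport, dport

def tunnel_verdict(packet: bytes) -> str:
    """Say whether the packet matches a selector in either direction."""
    src, dst, _, _ = parse_ipv4_udp(packet)
    for a, b in TUNNEL_SELECTORS:
        if (src in a and dst in b) or (src in b and dst in a):
            return "tunneled"
    # A 224.0.0.0/4 destination can never fall inside a unicast LAN range.
    return "multicast-not-in-selectors" if dst.is_multicast else "not-tunneled"

def build_packet(src, dst, sport, dport, payload=b""):
    """Build a constructed sample packet (checksums left at zero)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 1,
                     socket.IPPROTO_UDP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + udp

# Constructed samples: the discovery packet from the thread, and a unicast
# packet between the same hypothetical client and a hypothetical server.
DISCOVERY = build_packet("192.168.2.50", "229.55.150.208", 1347, 1345)
UNICAST = build_packet("192.168.2.50", "192.168.1.10", 1347, 1345)

if __name__ == "__main__":
    for name, pkt in (("discovery", DISCOVERY), ("unicast", UNICAST)):
        print(name, parse_ipv4_udp(pkt), tunnel_verdict(pkt))
```

Feeding headers from a sniffer capture on each LAN into `tunnel_verdict` shows which Ghost packets the address-range policy can carry and which it cannot.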
