This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot join domain over SSL VPN

Was having a whale of a time joining a XP machine to a SBS2008 domain over a SSL WAN connection (between two Astaro boxes)

Finally found some intrusion logs on the server side....

Rule 14710 NETBIOS SMB spoolss EnumJobs response unicode little endian attempt

Rule 14709 NETBIOS SMB spoolss EnumJobs response WriteAndX unicode little endian attempt

Added an exception between the two networks and the workstation immediately joined the network.

Why is this happening?

Tom

This thread was automatically locked due to age.

0 Scott_Klassen over 14 years ago

Why is this happening?
NetBIOS was originally designed to be run only over a local LAN and is generally considered to be insecure. By default any good security device, such as the ASG, is going to have measures in place to block NetBIOS (ports 137-139) from crossing interface boundaries. The IPS (Snort), was just picking up on this as those packets attempted to cross from one network to another.
Cancel
Vote Up 0 Vote Down

Cancel
0 ThomasBall over 14 years ago in reply to Scott_Klassen

Thanks, that does make sense.

That functionality does seem valuable and must have been added in the recent future.

(I was able to perform the exact steps a number of months back)

I am sure I am not the only one that may bounce into this. Will keep this for future reference.

Tom
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 14 years ago

If you want to do the join, you can create an Exception for the traffic.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel