Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Scanning
  3. Articles

Testing Network Connectivity and Security Permissions for GFI LanGuard Operations

Overview

GFI LanGuard requires the correct network settings and security permissions for the server to perform operations to computers remotely. Even one missed requirement, wrong service account or incorrect registry key setting may lead to Access is Denied errors when deploying agent, failed scans and patch deployments, unaccessible shares.

This article guides you on how to test whether all the required settings are in place.

Introduction

Computers communications in modern environments depend on correct network configuration and can be restricted by various security settings and mechanisms. Perform the following procedures to ensure that the correct network and security configurations are in place for the GFI LanGuard to work without interruptions.

NOTE: The following tests should be performed using the same account which is running the GFI Services. For Multi-Domain environments, check the account's best practices used before running the tests.

Description

Ensure That Machine Names Resolve via NSLookup

NSLookup is a command prompt utility that finds Name Server information by querying the Domain Name System (DNS).

  1. Open a command prompt on the machine where the GFI LanGuard is installed.
  2. Run the following command: NSLOOKUP client.machine.name
  3. Replace client.machine.name with the fully qualified domain name of a client machine. This should return the IP address of that machine.
  4. Run the following command: NSLOOKUP 8.8.8.8
  5. Replace 8.8.8.8 with the machine's IP address. This should return the client machine name.
2019-05-25_19-57-57.png

If LanGuard can not ping the client machine by hostname and IP address, operations are simply not going to work. Also, make sure the client machine can ping the server by both hostname and IP, with the same steps described above.

top

Remote Registry

Using the Remote Registry service, the GFI LanGuard is able to query the registry of a target computer remotely. Perform the following procedure to manually query the registry of a computer from the GFI LanGuard server.

  1. Ensure the Remote Registry service is started and set to automatic on the target computer.
  2. Log on to GFI LanGuard server using the credentials specified for the GFI services.
  3. Open the machine's registry.
  4. Go to File > Connect Network Registry.
  5. Enter the IP Address of the target machine and click on OK.
    IMPORTANT: The hostname cannot be used. Enter the IP Address of the target machine.
  6. Once connected, a new hive will appear for the target machine. Ensure you can browse to the following path:
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog

top

Administrative Shares

The administrative shares are the default network shares created by the Microsoft Windows OS (Operating System). GFI LanGuard uses administrative shares such as C$ to obtain and store information on the remote computer. Perform the following tests to ensure your administrative shares are created and the GFI LanGuard server can access them:

  1. Ensure File and Print sharing is enabled on the remote computer.
  2. Ensure that the default administrative C$ share has been created.
  3. Log on the GFI LanGuard server using the credentials specified for the GFI service.
  4. Go to Start > Run and type the following command: \\<computer_name>\C$
    NOTE: Replace the <computer_name> with the IP address or target computer name.
  5. An explorer window shows the contents of the C drive on the remote machine. Browse to the following folder:
    C$\Windows\System32
  6. Create a text file called test.txt in the location above. Once confirmed that the file has been created, you can safely remove it.

top

Event Log

Some monitoring checks and scans in GFI LanGuard require retrieving information from the Microsoft Windows Event logs remotely on a target machine.
The following checks ensure that the GFI LanGuard server can retrieve this information accordingly:

  1. Log on the GFI LanGuard server using the credentials specified for the GFI service.
  2. Go to Start > Run and type the following command: eventvwr
  3. Click Action and select Connect to another computer.
  4. Enter the name of the target machine near Another Computer and click OK.
    NOTE: Ensure you can view each of the Windows event logs of the target machine.

top

WMI (Windows Management Instrumentation)

Please check the following article to verify and troubleshoot WMI connectivity.

top

Related Articles

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments