TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Hi all,
can anyone help me to solve this problem:
I've a RealSecure Server sensor 6.0.1 on Windows 2000. If I try to
connect to it from my Console (6.0) all works fine but Event Channel and
this error occur:
The Sensor refused the connection. [ID=0xc726000e]
I've tried to apply the ISS workaround of the visual basic scipt using NAT
and that you can read below, but in this case the common.policy file is set to a 0K
file and nothing works anymore.
Any ideas?
Regards,
Michele
Question
When monitoring a sensor through a firewall utilizing NAT, the Console is unable to
connect to the event channel for the sensor. This results from the sensor passing the
wrong Event Collector IP address to the Console. You will receive an error stating
that the connection attempt has timed out.
This information applies to:
RealSecure Network Sensor 6.0
RealSecure Server Sensor 6.0
Windows NT 4.0/2000 ONLY
Fix Version:
N/A
Related Articles:
None
WARNING!: This solution requires advanced knowledge of both RealSecure and Windows NT.
Care should be taken when performing the steps below to avoid possible damage to your
system. If you are unsure about any of the steps, please contact your system
administrator before making these changes.
Knowledgebase Article
To implement this workaround on Windows NT/2000 follow the instructions below.
1. Open the attached fwnat.txt file in Notepad. You will see the following at the
beginning of the file:
'Please Read
'Set IP = to the IP of your EventCollector
'Set filespec to the path of your common.policy
'To stop script open Task Manager and End Process wscript.exe
Option Explicit
On Error Resume Next
'Settings
'#################################################################
Dim IP
DIM filespec
IP="10.10.60.111"
filespec="C:\Program Files\ISS\issSensors\network_sensor_1\common.policy"
'#################################################################
2. Edit the Settings section of the file to reflect the appropriate information for
your installation. IP should be set to the "real" IP address of your Event Collector,
and filespec should be set to the path to your sensor's common.policy.
3. Save the file, then rename it as fwnat.vbs
4. You can launch the script by double-clicking it in Windows Explorer, however, to
ensure that it is always running, you will need to implement some way to launch it at
system startup. You can do this by creating an AT job (NT 4.0) or a Scheduled Task
(2000), or by running it as a service. Microsoft provides a utility to register
applications as services in the Windows NT 4.0 and 2000 Resource Kits, available from
the link below:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/reskits/rktmain.asp
--
Ing. Michele Forleo
Security Consultant
SECURE WAY S.r.l.
Via Aurelia Ovest 74/A
54100 Massa (MS) - Italy
mailto:[EMAIL PROTECTED]
http://www.secureway.it
phone: +39 0585 834297
fax: +39 0585 834282
---------------------------------------------------------------------------------
Questo messaggio potrebbe contenere informazioni confidenziali e proprietarie.
Inoltre e' destinato esclusivamente alla persona od enti ai quali e' stato
originariamente indirizzato. Il contenuto di questo messaggio potrebbe contenere
opinioni personali le quali non costituiscono impegni o posizioni ufficiali a
meno che cio' sia diversamente indicato.
This message may contain confidential and/or proprietary information, and is
intended only for the person / entity to whom it was originally addressed. The
content of this message may contain private views and opinions which do not
constitute a formal disclosure or commitment unless specifically stated.
