3 Replies Latest reply on Feb 10, 2011 7:50 PM by historicalshavlikcustomer

    VPN IP Issues


      Here's the situation:  I have several remote PC's that are VPN'd to the Shavlik Console (and only the shavlik console).

      There PC's have a 10.x.x.x IP address, but they communicate with the Shavlik Console through a 5.x.x.x IP Address.  These machines also all have the shavlik agent installed.  The problem is that these machines tell the Shavlik Console that they are at IP 10.x.x.x - so if I manually try to deploy patches after a scan I cannot connect to these PC's.  Is there any way to get the agents on these PC's to report their 5.x.x.x address?  It is the secondary network adapter and must stay this way.


      - Mike
        • 1. Re: VPN IP Issues

          Sounds like a DNS/routing issue.
          DNS should resolve the target machines names to the required IP and the IP to the required name.
          It should also resolve the NetChk consoles IP and name correctly.
          This can be performed using;
          nslookup targetmachinename
          nslookup X.X.X.X (target machines IP)
          nslookup consolename
          nslookup Y.Y.Y.Y (consoles IP) 

          The VPN should route the required traffic for the required network segment.
          Once the VPN routes the required traffic back through the VPN to the required machine, it should work fine with agents or Agentless.
          Agents would be recommended as the VPN encryption will use some of the bandwidth which will slow down agentless scans.

          • 2. Re: VPN IP Issues
            The weird thing is that an agentless scan works fine - but when I try to deploy the patches from the machine view it says it cannot connect to the PC with the 10.x.x.x address in parenthesis.

            nslookup doesn't return the computer name - we are using Log Me In Hamachi for the VPN client - so it can only access our Shavlik console, it does not have access to our DNS server.

            I'll try to investigate this a little more but if you have any other ideas please let me know.
            • 3. Re: VPN IP Issues
              I have a similar problem.
              I have a computer that has VMWare Workstation installed. The main computer (not one of the VMs) has an ip address on our network, as well as a "VMWare Virtual Ethernet Adapter" which has another address not on our network (used internally by VMware)
              Even with all the VMs powered down I can scan it, and its agent reports via the main IP address, but if I try to deploy to it, Shavlik tries to deploy it to one of the virtual adaper addresses. DNS only knows about the main address, not sure why it wouldn't deploy to it....