This content has been marked as final. Show 13 replies
Get on the Vista machine and see what Ports are open
From a command prompt run:
You are looking for 9595 and others close to 9595.
Check the firewall settings to make sure that LANDesk files are allowed.
Check for a third party firewall (other than Microsoft) as we don't automatically make exceptions for any firewall other than the Microsoft firewall
When I ran netstat -an I do get several ports on the 9*** range. For example I had 9593, 9594, 9595 and others.
I do not have any type of firewall software installed on my computer. I have checked the windows firewall and it seems to be off.
Is your console running on Vista too?
If so, you have to run the Console by right clicking and choosing "Run as administrator".
Otherwise Vista new security won't allow the Console to send network traffic. Without network traffic we cannot do discovery to get the icons.
So if you click on a device in the Console, we send a packet to port 9595 on UDP, if no answer, we try TCP 9595.
Can you telnet to port 9595 from the Console machine to the client?
Telnet clientname 9595
If you can't then something is blocking the traffic. It is either a firewall on the client or it is one of your network devices.
I could not telnet to the client computer. I think is something on all Vista machines what can I check on them to see if there is something blocking the traffic.
If you can't then something is blocking the traffic. Make sure that you really cannot telnet. You won't actually get a telnet prompt, just a blank screen with a cursor if it works. However, if it fails, you will get an error connecting.
It is either a firewall on the client or it is one of your network devices.
Can you telnet from a devices on the same subnet to that machine on port 9595. If so, then it is a network issue, if not is software on the system.
Does the client have firewall software? Maybe the AV software includes a firewall.
Please note telnet is not enabled by default on Vista. You will need to enable this to use it by going to:
1. Control Panel
2. Programs & Features
3. Turn Windows Features on or Off
4. Select Telnet Client
This could have been something you may have already done but I thought I would bring it up just incase....
I don't want anyone to be confused.
We are NOT trying to access a telnet command prompt!
Telnet can connect to any TCP port that is open and establish a session when you use the following syntax:
For example, to make sure the TCP port 9595 is open on an agent, you can do this:
>telnet DeviceName 9595
It will establish a TCP session, though of course there will not be a telnet command prompt.
We are simply using telnet to make sure that the TCP port is open, not to actually establish a telnet command prompt session.
We've started seeing a similar problem with the LanDesk agent on a few XP machines as well. The agent looks like it's installed just fine, but the Console only shows the binoculars (pingable), not the remote icon (remote controllable).
1) Ports 9595 and 9535 are open on the client.
2) The LanDesk client will perform an inventory scan without issue. Results show up in the Console immediately.
3) Uninstalling and reinstalling the LanDesk client doesn't fix the issue.
I firmly believe it's a problem with the firewall on the machine, but I'm not really sure where to look and would love some suggestions.
I opened Wireshark on my machine with the Console open and compared a successful discovery with this broken discovery. It seems the remote control discovery process is a UDP packet sourced from the Console to port 9595 (Wireshark calls this port "pds") which includes a text string "PING" and "LD".
On the working machine the response is a UDP packet from 9695 back to the source port containing several strings such as "PONG", the domain name of the machine, service pack information, machine name, and a few other bits of data.
On the non-working machine, the response is an ICMP packet (not UDP) of "Destination Unreachable". I tried using the "netsh int ip reset" trick, and I tried the firewall on, off, and disabled, and got the same results every time. Something in the network stack on the machine is bouncing those UDP packets back as ICMP unreachable.
If anyone has any ideas, let me know. You can email me directly at eric[dot]hill(at)pioneerballooncom.
Run UninstallWinClient.exe and wait for the machine to reboot.
Delete the two Unique ID keys in the registry (just for good measure).
Install a new LanDesk client on the machine.
At this point, port 9595 probably isn't open. "netstat -an" should confirm this.
Run the CBA8INST.MSI installer.
Run the RAINSTALL.EXE installer.
You should now see port 9595 open.
REBOOT THE MACHINE! Remote control will still be non-responsive until you reboot after the two installations.
After the machine comes back up, the Console should see remote-control available again. However, while trying to remote-control, you may get the error message "This computer is not managed by your server" (or whatever it says).
On the Console, highlight the computer, and press Delete. Confirm the removal of the record.
Next, REBOOT THE CLIENT AGAIN. The client will do a miniscan after it's started up again, and that will poke the record back into the Console.
At this point, the machine is back to 100%.
Where would I find these two?
Run the CBA8INST.MSI installer.
Run the RAINSTALL.EXE installer
Those two installers are in the "C:\Program Files\LANDesk\LDClient" folder. They are pushed out with the main client installation.