Hi all

 

We are running windows 7 ent 32bit clients.

 

Our ServiceDesk Plus installation used to be installed on a Windows 2003 r2 server (no ipv6 support) but the server has crashed, and now our service deskplus installation is running on a Windows 2008 r2 server (with ipv6 support)

 

Since the Win7 client and the Win2008 server _both_ automatic have ipv6 addresses on the isatap adaptor, ipv6 is taking precedence over ipv4 and network traffic would be ipv6 tunneled over the ipv4 address (default windows behavior)

 

On my windows 7 client i use default windows firewall with advanced security, and I have opened for icmpv6 and RPC traffic from the isatap ipv6 ip the ServiceDesk plus server have.

 

I am able to ping the clients on their name (DNS resolution is working, name is resolved to the clients ipv6 address) and the client is sending icmp echo-reply back to the Server.

 

But still, the servicedesk plus is not able to Scan windows 7 clients anymore. If i remove the clients ipv6 record in dns so there is only a ipv4 record its working....

 

If I totally disable the Windows firewall on the clients its also working, so the firewall is blocking something (nothing to see in the firewall log)

 

And yes I could simply disable ipv6 on the server, or use the agent and deploy it to all my clients, but it can't be right that it is not possible to open for asset scan in the windows firewall based on isatap ipv6 addresses.....

 

Someone must have seen this behavior before, its windows 7 clients and windows 2008 server pretty default.... Anyone know how to setup the windows firewall to allow asset scan on ipv6 addresses??

 

---

 

One more thing :-)

I'm using MS SCCM also on a Windows 2008 server, I have opened for the ports that SCCM uses in the clients firewall, and set the source ip to be the SCCM's server isatap ipv6 address, and here its working just fine... :/

 

Best Regards,

Steffen