[Linux ERA6 won't show informations]

So that means you have not changes SERVER's certificate in it's configuration? In that case your SERVER is still using certificate that was generated during setup, signed by CA certificate that was also generated during installation -> which means AGENT's must be installed with this original CA certificate.

 

What was purpose of generating new CA certificate? We can provide steps in case you specify your scenario.

 

Okay I already thought that would be the problem. My pupose of the own CA was that I wanted to create for each of our servers. So I don't have everything in one CA and in one Server.

[Linux ERA6 won't show informations]

Please provide more details - you have created nee CA certificate in ERA (= using ERA) or you imported it from somewhere else? In case you created CA using ERA, have you also used ti to create new peer certificates? If you, you created new SERVER's and AGENT's certificates?

 

Okay so I used the ERA WebGUI to create a new CA under Admin - Certificates - CA | Action - New.

There I fill in all the Gapps with a Passphrase and thats it actually.

[Linux ERA6 won't show informations]

So I just factory reseted my OVA and everything works as soon as I use the default CA and default peer certificates.

If I use an own CA it doens't work. So am I doing something wrong by creating a new CA?

[Linux ERA6 won't show informations]

 

Replication security 2016-Sep-21 07:51:16 Error: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain

 

This means that AGENT does not trust SERVER's certificate because it is missing its CA certificate. You have most probably installed AGENT with wrong CA certificate - AGENT expects CA certificate that was used to sign SERVER's certificate. I guess you have multiple CA certificates and you have choose wrong one - is this the case?

 

 

Well I've got one CA and four peer certificates. I've created all of them and delete the ones that came from scratch.

[Linux ERA6 won't show informations]

Could you please check AGENT's status log on one of client's located at C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html or C:\Documents and Settings\All Users\Application Data\Eset\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.hmtl? Log shows most significant error and whether AGENT is/was able to connect to SERVER.

In case mentioned log won't be available, please check whether ESET Remote Administrator Agent is actually installed on clients  as we had a bug that caused installation failure, but success was reported to SERVER - this applies especially for deployment using remote installation task.

In case status of AGENT installation will be "green" and successful connections to ERA will be reported, please try to restart SERVER's service in OVA - it may be known bug from previous versions of ERA which we cannot exclude as you have not mentioned version of ERA or OVA.

 

Okay first the informations:

I've download the virtuall appliance of the ESET webpage and these are the versions fo the ERA Server:

ESET Remote Administrator (Server), Version 6.4.304.0

ESET Remote Administrator (Webconsole), Version 6.4.280.0

CentOS (64-bit), Version 7.2.1511

 

I've installed the agent manually on one server and the log file contains three failures.

 

Status log Scope Time Text Last replication 2016-Sep-21 07:51:16 Error: CReplicationManager: Replication (network) connection to 'host: "carimgt5" port: 2222' failed with: Connection closed by remote peer for session id 14030 Peer certificate 2016-Sep-20 10:57:49 Error

• Agent peer certificate with subject 'CN=Agent Zertifikat für Hosts, O="NAME HAS BEEN REMOVED"., L=Worms, S=Rheinland-Pfalz, C=DE' issued by 'CN="NAME HAS BEEN REMOVED", O="NAME HAS BEEN REMOVED", L=Worms, S=Rheinland-Pfalz, C=DE' with serial number '"HAS BEEN REMOVED"' is invalid now (NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain)
• Peer certificate may be valid but can not be verified on this machine
• Check time validity and presence of issuing certification authority

Replication security 2016-Sep-21 07:51:16 Error: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain

• Remote host: STVERA1
• Remote machine certificate is not trusted because signing certificates (CAs) are not trusted or found in system/agent database
• Check if signing certificate authority was used during installation of agent or installed in system

 

I think I've made something wrong with the certificate

[Linux ERA6 won't show informations]

Hello,

I'm currently using the Linux Appliance with ERA6 running on it. I can deploy the agents and install the software remotly, but the server will not show me any informations. The only machine that is shown at the dashboard, is the ERA machine itself, all others aren't on the list although the server with the agent installed on it, have the right settings.

 

 

Thank you.

[ERA and Shared Local Cache in one Server]

Thank you very much. I will wait until the new appliance is released.

[ERA and Shared Local Cache in one Server]

Push

[ERA Update Subserver]

Yes, for ERA6 I recommend using the HTTP proxy. Put one on each site, and modify your policies in ERA so that clients on site1 go to proxy on site1. Site2 --> site2 proxy. Etc..

Apache HTTP Proxy (or Squid) can be installed on either Windows or Linux. You can refer to this article for instructions on installing HTTP Proxy on Windows: hxxp://support.eset.com/kb5950

And you can refer to this help guide for Linux: hxxp://help.eset.com/era_install/64/en-US/http_proxy_installation_linux.htm

 

Best,

Rook

 

Well I will try to create a Linux machine as a proxy, I think that would make more sense than setting up a Windows Server just to share the ESET updates. Thanka for your help Rook

[ERA Update Subserver]

I'm using ERA6.  So with proxy option you mean using a HTTP proxy?

[ERA and Shared Local Cache in one Server]

Well I've installed the version 6, I'll just try it out 

 

Edit:

Okay I've installed everything. Now I've got a different problem. I can't get my ESLC running, it keeps saying that it failed to apply VM parameters.

 

Maybe it is because I'm running it on a Hyper-V Host?

[ERA and Shared Local Cache in one Server]

Hello,

 

well we've got already ERA 6 running on a VM. I just thought I could simply add the Shared Local Cache to it. I will install it on a new machine, so the question is actually not necessary anymore.

 

But yesterday I configured our ESET policies and saw that the ESET Mail Security had the option to connect to a Shared Local Cache, I couldn't find the same option at the ESET File Security settings. Does this mean that ESET File Security isn't compatible to Shared Local Cache?

 

Greets. 

[ERA Update Subserver]

Hello,

 

in my company we've got a lot of locations and currently all the client geht their Updates from our ERA Server, where the traffic goes over our VPN Tunnel. So in order to reduce the traffic I would like to install subservers in each location, where the server downloads the updates from our server or the ESET server and then deploys them onto the clients.

 

How can I do this the best way?

 

Thanks

[ERA and Shared Local Cache in one Server]

Hello,

 

I'm just installing the Share Local Cache Server and was wondering if it's possible to install both applications ERA and Share Local Cache onto one Server?

 

Greets