nkm
Members-
Posts
9 -
Joined
About nkm
-
Rank
Newbie
Profile Information
-
Location
Greece
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Migrated ESMC Agents contacting old ERA Proxy Server
nkm replied to nkm's topic in ESET PROTECT On-prem (Remote Management)
As mentioned, eventhough the agents register with the new ESMC Mgmt Server and updates work OK, if the agent deployment does can't access the EPNS port and explicit proxy settings is not set, it will try and use the previous settings (old ERA Proxy). Once I added the clients to a group that had the new proxy server explicitly set, and made the proxy configuration changes suggested, clients stop contacting the old ERA Proxy. Thanks for all your help. -
Migrated ESMC Agents contacting old ERA Proxy Server
nkm replied to nkm's topic in ESET PROTECT On-prem (Remote Management)
Downloaded the latest version of Apache HTTP Proxy for Windows to compare the configuration file. Made the modification to our new ESMC Proxy server. I have moved some of the upgraded PC's into a group where the Agent proxy server is configured correctly, and will monitor. -
Migrated ESMC Agents contacting old ERA Proxy Server
nkm replied to nkm's topic in ESET PROTECT On-prem (Remote Management)
Hi Martin, Found that, client tries to establish a connection to epns.eset.com on TCP Port 8883, which fails. Client then attempts to connect using the old Proxy Server, requesting to connect to 8883 (fails), then fails-back to 443 (succeeds). Client never attempts to connect to epns.eset.com either on TCP Port 8883 or 443 via the new Proxy Server. New clients (that is, clients that have have never had the previous ERA Agent installed) attempt to connect to epns.eset.com through new Proxy Server using 8883 (fails), however they fall back to 443 (succeeds). I will try moving the problematic client into the same group as the new clients and let you know. Besides the original issue, should I change the configuration on the new Proxy Server to allow CONNECT to port 8883? Cheers -
Migrated ESMC Agents contacting old ERA Proxy Server
nkm replied to nkm's topic in ESET PROTECT On-prem (Remote Management)
Hi Martin, Ok, will do. Now that I think about it, I monitored the PC (using Process Hacker 2) to view the TCP communication generated by the ERAAgent process when re-deploying the agent, and observed that the process connected correctly to the new ESMC, then after a while reverted to old ERA Server. I may run some packet captures etc to see if the agent is having troubles connecting to the new Proxy Server. Kind Regards, -
Migrated ESMC Agents contacting old ERA Proxy Server
nkm replied to nkm's topic in ESET PROTECT On-prem (Remote Management)
Hi Martin, Thanks for your reply. The module missing is "log_config_module". If I try to enable it (uncomment from the httpd.conf file), Apache HTTP Proxy fails to start. My real question is why the ESMC 7.x client still tries to connect to the old ERA Proxy Server. I notice that, clients that have never had the ERA Agent seem OK, it appears to be upgraded clients only. Could it be my upgrade procedure? Kind Regards, -
Hi All, We have migrated the majority of our clients from ERA (v6.x) to ESMC (v7.x). All clients have have registered correctly to new ESMC Mgmt Server, and updating correctly. Before decommissioning the old ERA Proxy Server I wanted to ensure that none of the clients were using the old ERA Proxy server, as the ESET Apache HTTP Proxy installation does not have the appropriate logging DLL installed I am unable to check the Apache access logs only the Error logs. The 'error.log' file shows the following entries. Connect to remote machine blocked returned by epns.eset.com:8883 Found that on the client computer the "ERAAgent.exe" process was accessing the old ERA Proxy Server. Where is this being set, as I have checked all Policies on the new ESMC and there is no reference to the old ERA Proxy Server. Anyone else had this issue?
-
Thanks Marcos, I believe this was the configuration option I was missing.
-
nkm joined the community
-
We are currently in the process in rolling out Endpoint Security 7.x, however we are unable to successfully activate the ES 7.x product. Clients do not have direct Internet access, and connect using HTTP Proxy servers. I have set both HTTP proxy server both on the agent policy and the ES Policy, however regardless configuring the required proxy server I am unable to Activate the product. After using Sysinternals Process Monitor, I can verify that the 'ekrn.exe' process ignores the proxy settings and attempts to contact the activation servers directly. It is my understanding that the ES 7.x Policy's HTTP Proxy server configuration should cause the ES 7.x to use the HTTP Proxy server to complete activation, however the Sysinternals Process Monitor shows otherwise. What am I missing?