Jump to content

AlexGermany

Members
  • Posts

    3
  • Joined

  • Last visited

About AlexGermany

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Germany
  1. Some weeks everything run fine. Thx for the hints here. But now I have the situation, that a new Agent-version exist (9.0.xxx) Newly installed computers get the new version, if I start a server task with type "Agenten-Bereitstellung", may be translated as "Agent-Provisioning". But the existing computers have still old Agent-version (8.1.xxx) From my point of view, Agent-Provisioning is not the same as Agent-Update. So I think I have to create a new task for Agent-Update, to update the old agents ont the existing computers. Must it be a Server-Task again (like Agent-Provisioning). Or can I use a Client-Task now for Agent-Updating (which template?)? I'm asking her in the thread, because its due to naming-conventions by ESET still sometimes unclear, when to use a server-task and when a client-task. (btw. Why do I need this differentiation?) I thought, that Agent-Provisioning should be a Client-Task too, because the goal is "Install an Agent on a Client". But during install of ESET-Protect, I found only in the Server-Tasks a suitable Task-template for Agent-Provisioning *confusing*
  2. After I didn't get any feedback for days I tried everything I could think of my mood got worse and worse, I decided to complete reinstall the EP server. Lo and behold, it works! The only difference I can remember that I made during this installation, was that I restarted the EP server after importing the old certificates AND licenses. https://help.eset.com/era_admin/65/en-US/set_new_era_server_certificate.html recommends a direct restart. But here https://help.eset.com/era_install/65/en-US/clean_installation_different_ip.html you can see the text: "Do not stop the ERA Server service until step 6." Maybe that made the difference? I dont know. In any case, it would be great if ESET-developers can work on more meaningful error messages. The suspected proxy-entries doesn't seem to be a problem either, because it is regitered now in both: "HTTP proxy used for replication" and "HTTP proxy used for ESET services" and it is running. 😲 So what exactly do these expressions mean? "Replication": is it agent <-> server communication? (therefore my intention to get rid off the proxy-entry, because all (EP-Server + Clients) are within 1 LAN) "ESET services": is it ESET AV Client <-> Internet (f.i. ESET Repository Servers) communication? and the string in logfile "Agent to agent communication is not supported" is very confusing too. Is there a hidden agent on the server that wants to talk to Client-Agent vice-versa? Then this sentence make sense. Ohterwise I was really confused, that my (Client-)Agent tried to talk to another (Client-)Agent ...
  3. The old admin is away forever 😞 and me has to try a migration-attempt, but still not successful. 😥 - sorry for bad english and sorry for much text, I'm trying to solve this since 2 days (and yes, I read much here, but cant get the information that helps) - f.i. I read this (but does not help): https://help.eset.com/era_install/65/en-US/clean_installation_different_ip.html https://help.eset.com/esmc_admin/70/en-US/fs_agent_connection_troubleshooting.html https://help.eset.com/esmc_admin/72/en-US/certificates_certificate_era.html Actual configuration (all Windows Server and Windows Clients): - ESMC Server 7.2.1278.00 - all clients (Eset-Mgmt Agent: 7.2.xxx and Eset-AV: 8.0.xxx) are working well New configuraion: Because the old server is old :-) I installed 1 additonal new server: - ESET Protect 8.1.1223.00 Idea: To tell all clients, that they have to connect to the new server, with as less impact as possible (ideally no install of new client components, only to give the information regarding the new server, f.i. via policies) New server is installed and runs well (as soon I can see). Now I'm trying to move an existing test-client from old server to the new server. First I removed all policys from the client on the old server (may be this was the first error). May be I also triggered "stop administatration of this client", I made much things during last 2 days 🙂 The new server found the test-client via Rogue Detection (I think) and it is shown as unwanted device in the Protect-Console. I was able to move the test-client then to the "lost-found" group but its totally grey with no further informations. So, the communication between test-client and new server seems to be distorted. 😞 1.Idea: May be a certification-problem? I exported all possible certifcates from old server and imported into new server and tried to build a new peer-agent-certificate, but does not work. (I read later, that serverbased install of agent is only with the certificate possible, that the server himself generates during its installation). The idea of this attempt was, that the client can may be still communicate with old server and get a new policy, that describes, what his new server is ... 2. idead: May be a proxy-problem? The status.html shows, that the test-client wants to use a proxy for replication. But this proxy is not configured for ESET, its only a dumb proxy for internet-surfing and the Eset-AV can use it to download updates. So I dont want, that the client-replication (agent) tries to connect the server via proxy) And I dont know from which source the test-client knows of this proxy. May be read from some browser-configruation on this machine ... So, may be I have a problem with certificates and proxy, but first I want to get rid of the proxy. Because I'm sure, that the client-agent should no use a proxy. I made a new policy on the new server, with empty proxy entries (and overwrite option), but I dont think, that the client proccesse the new rule, because the replicaton-connection is still distorted. I made also new policy for the test-client on old server, with no proxy too, but gave also the IP for connection to new server. No real effect 😞 So the test-client is to be seen on new server in grey, but they dont talk with eachother 😞 Or may be, the server talks to client, but the client dont talks back on the correct way. Then I tried to deploy a newer agent version on the test-client via serverbased install. And yes, the test-client has now installed the agent version: 8.1.1223.00 (all other clients still have 7.2.1266) But this seems to be a oneway too. The client installs the agent but did not find a way back to communicate with his new server. May be because he tries it still via the proxy, but the proxy does not know how to handle this (and should not handle this) Could someone help me, to get rid of the proxy within the client-agent? attached: a pic of the status.html on test-client (behind the blue color occurs everytime the new server, so this part is correct)
×
×
  • Create New...