Jump to content

How to configure ESET Endpoint Security Firewall with Eset Remote Administrator to allow Win7-built-in Remote Assistance (msra.exe) ?


hauke81
 Share

Recommended Posts

Hello,

we are using the Windows 7 built-in Remote Assistance for Remote Support in our company.

Since we released Eset Internet Security with the Eset Firewall, tthe MS Remote Assistance doesnt work anymore. I tried to configure the Eset Personal Firewall in the Eset Remote Administrator to fit our needs, but no success.

The Firewall Filtermode is "Automatic". I specified some rules to let all MSRA traffic through:

Protocol: upd AND tcp

any profile

Action: allow

both directions

Local Ports: 135, 3389, 1000-65535

Remote Ports: 135, 3389, 1000-65535

Application: C:\Windows\System32\msra.exe; C:\Windows\SysWOW64\msra.exe; C:\Windows\System32\svchost.exe; C:\Windows\SysWOW64\svchost.exe

 

A Wireshark analysis tells me that while remote assistance initiation there is a SYN from me to remote (port 18090 -> 53223) which is usually (without Eset Firewall) answered by a SYN ACK from remote to me (port 53223 -> 18090), but with active Eset FW the SYN ACK answer is not passed through to me (or the initial SYN is not passed through to the remote pc so he doesnt answer).

 

Help anyone?

Hauke

eset config 2.jpg

eset_config_1.jpg

msra init fail.jpg

msra init success.jpg

Link to comment
Share on other sites

  • Administrators

First of all, let's make sure you're using a correct product. You've mentioned ESET Internet Security but this is for home users and cannot be managed by ERA. If you have more than 5 licenses and want to manage ESET from ERA, make sure that you install ESET Endpoint Security.

If you actually have EES installed, I'd suggest running the firewall troubleshooting wizard after a connection has been blocked. The wizard will allow you to create the appropriate allowing rule with a few clicks. You can subsequently update the ERA policy which is applied to Endpoint running on the workstations.

Link to comment
Share on other sites

Yes, its Eset Endpoint Security, sorry!

And thanks!!

The troubleshooting wizard showed me, that I forgot to let raserver.exe communicate through the fw.

Problem solved :)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...