Amity_Support 0 Posted August 31, 2018 Posted August 31, 2018 After upgrading from ver6.5 to ver7, send wake up call function not working.
ESET Staff MartinK 384 Posted September 1, 2018 ESET Staff Posted September 1, 2018 ESMC is using new mechanisms for waking up AGENT. It will work only with EST Management Agent v7, and it requires connection to ESET infrastructure -> it is no longer based on local network broadcasts. More information can be found in EPNS service documentation.
Amity_Support 0 Posted September 5, 2018 Author Posted September 5, 2018 We have only upgrade ERA 6.5 to 7.Other workstation are running older version of agent and client. So, In this scenario how to send wake up call to older client.
Administrators Marcos 5,466 Posted September 5, 2018 Administrators Posted September 5, 2018 Sending a wake-up call is not possible unless you upgrade agent to v7 as well.
opa-pro 2 Posted September 5, 2018 Posted September 5, 2018 7 часов назад, сказал Маркос: Отправка вызова пробуждения невозможна, если не обновить агент до v7. Do we understand correctly that without access to the eset infrastructure based on external servers, the send wake-up function does not work?Customers are not very happy with this fact, maybe we have the opportunity to use a third-party solution for this function?
Sky172 0 Posted September 6, 2018 Posted September 6, 2018 (edited) Hi, I am one of those customers. As I said, I don't think that external servers is needed by direct access for activation, management and wake-up (otherwise, what reason for wake-up port setting?). I think, unable activation and wake-up agents - is Endpoint/File Security and/or ERA server glitch, because web-browser correctly opens eset.com thru Apache proxy which provided on download page. Or I don't understood Eset configuration philosophy, where settings should be different than what I think. Upd: I have installed ERA 7 as new installation, not upgrade from previous version. Edited September 6, 2018 by Sky172 Update
Sky172 0 Posted September 6, 2018 Posted September 6, 2018 Some strings from provided Apache error.log: [Thu Sep 06 09:34:43.720495 2018] [proxy:error] [pid 1332:tid 12468] (OS 10060)Попытка установить соединение была безуспешной, т.к. от другого компьютера за требуемое время не получен нужный отклик, или было разорвано уже установленное соединение из-за неверного отклика уже подключенного компьютера. : AH00957: HTTP: attempt to connect to 91.228.167.133:80 (*) failed [Thu Sep 06 09:34:43.720495 2018] [proxy_http:error] [pid 1332:tid 12468] [client 192.168.151.3:52988] AH01114: HTTP: failed to make connection to backend: update.eset.com But browser is able to open it thru HTTP - this page asks for login and password. Thru HTTPS is unable - browser says "Connection..." and after some time - "Can't connect to update.eset.com. Timeout". update.eset.com resolved as updf5.wip.eset.com [91.228.167.133].
ESET Moderators Peter Randziak 1,186 Posted September 6, 2018 ESET Moderators Posted September 6, 2018 Hello @Sky172, not sure I understand, but the log from the proxy server relates to an update service and the forum topic is about Wake up calls,... Regards, P.R.
Administrators Marcos 5,466 Posted September 6, 2018 Administrators Posted September 6, 2018 Both the ESMC Server and Agent must be able to connect to epns.eset.com on port 8883. Is that condition fulfilled?
Sky172 0 Posted September 6, 2018 Posted September 6, 2018 Yea, but our local support invited me to join the discussion in this topic, saying earlier, that activation is needed continuous direct connection (without any proxy, etc.) to Eset servers in Internet. At this time nobody has confirmed or denied this. Otherwise, as I said in previous post, it should be glitch of Endpoint/File Security, and want info how resolve it. So I wrote a messages from logs here. Upd: 4 minutes ago, Marcos said: Both the ESMC Server and Agent must be able to connect to epns.eset.com on port 8883. Is that condition fulfilled? Okay, now I shall know. Should be connected? What the reason for agent connection to epns.eset.com, if ERA server exists here? And what purpose of Apache proxy in ERA 7 installation? Some of our computers placed in other restricted network segment and shouldn't have any access to Internet. And what if our Internet connection will be broken for some time?
Administrators Marcos 5,466 Posted September 6, 2018 Administrators Posted September 6, 2018 Currently there is no no way to send a wake-up call to offline computers. We will consider and most likely come up with a solution since we fully understand your needs but currently it is not possible.
Sky172 0 Posted September 6, 2018 Posted September 6, 2018 1 minute ago, Marcos said: Currently there is no no way to send a wake-up call to offline computers. We will consider and most likely come up with a solution since we fully understand your needs but currently it is not possible. Hmm, I thought make agent listen port on local machine is much easier and faster, than build datacenter for serve agent for whole world. And second part of of question - why Endpoint/File Security couldn't activated and updated thru Apache proxy? As I said, some of our computers don't have access to Internet. What should we do in this case?
ESET Moderators Peter Randziak 1,186 Posted September 6, 2018 ESET Moderators Posted September 6, 2018 Hello @Sky172, Endpoints and the products for Windows servers as well can be updated and activated as well via the proxy. When it comes to updates it is moreover recommended as it caches the update data files. Only the wake up calls cannot get through proxy. Regards, P.R.
Sky172 0 Posted September 6, 2018 Posted September 6, 2018 57 minutes ago, Peter Randziak said: Hello @Sky172, Endpoints and the products for Windows servers as well can be updated and activated as well via the proxy. When it comes to updates it is moreover recommended as it caches the update data files. Only the wake up calls cannot get through proxy. Regards, P.R. No. Until I let one of machines with File Security directly to Internet, it couldn't be activated. With Endpoint too. And with directly access to Internet for both Server and Agent wake up is unable. Employee of local ESET tech support was see it, when I showed him this issue. He invited me here.
Amity_Support 0 Posted September 6, 2018 Author Posted September 6, 2018 1 hour ago, Marcos said: Currently there is no no way to send a wake-up call to offline computers. We will consider and most likely come up with a solution since we fully understand your needs but currently it is not possible. The Problem of wake up call via epns server is that if internet connection is down for 2 to 4 hours then we can't send wake-up call for local computer.
Sky172 0 Posted September 7, 2018 Posted September 7, 2018 (edited) It sounds like let's deliver parcels from Moscow to Warsaw through Rio de Janeiro. Facepalm. Excuse me. How shortly we can wait for direct wake up implementation? P. S. And problem of unable wake up Agent which have direct access to Internet is still have. Agent 7.0.553.0, ERA server 7.0.553.0, Web-console 7.0.413.0. Clear installation, not update. Upd. Brothers and sisters! Our prayers were heard! Wake up thru epsn.eset.com (holy, holy) begin works. It seems to be. Edited September 7, 2018 by Sky172
ESET Moderators Peter Randziak 1,186 Posted September 7, 2018 ESET Moderators Posted September 7, 2018 17 hours ago, Sky172 said: No. Until I let one of machines with File Security directly to Internet, it couldn't be activated. With Endpoint too. And with directly access to Internet for both Server and Agent wake up is unable. Employee of local ESET tech support was see it, when I showed him this issue. He invited me here. Please check if the addresses required for activation are accessible via the proxy https://support.eset.com/kb332/?locale=en_EN
Sky172 0 Posted September 7, 2018 Posted September 7, 2018 I've checked addresses on those page thru Apache proxy (preconfigured, by ESET provided) and directly. Results is same: um10.za.eset.com -> no dns record. Google's dns agrees with it too. download.eset.com -> www.eset.com dlm1.eset.com -> no dns record dlm2.eset.com -> no dns record dlm3.eset.com -> no dns record dlm4.eset.com -> www.eset.com dlm5.eset.com -> www.eset.com dlm6.eset.com -> www.eset.com expire.eset.com -> 403 forbidden subreq.eset.eu -> no dns um01.eset.com to um01.cn.eset.com asks for login/pass esa.eset.com -> esa.eset.com m.esa.eset.com -> esa.eset.com All ESET Live greed addresses -> 400 Bad request. List "Domains used by ESET Live Grid" - most of them 400 bad request or 403 forbidden. Apparently, not everything is good in the state of Denmark. And I even guess who should fix it.
Recommended Posts