Jump to content

Communication Issues


Recommended Posts

Hello,

We are currently on a trial of the business edition of ESET and so far everything has been good but, today we started having a major issue which is clients which every single one of them stop communicating with the server at random, sometimes an hour other times 30 minutes. (On last connected.).

 

Things I noticed

- Currently have it setup to communicate every 10 minutes (Default) which it does, however at random it will suddenly stop communication (all clients not just one, however I am still connected to the Admin server when this happens and can make modifications, but we are forced to restart the service which after 10 min allows them to check back in again), such as yesterday it was working fine, when I came in today it said all 50 clients last communicated 12 hours ago.

- Restarting the service fixes the issue (When an engineer helped us setup ESET they had us use a domain admin account to run the service as) however this occurs when we run it under a local account or domain account.

- The mirror update server still appears to allow the clients to update from it even when they don't check in with the server.

- The policy's are all correctly configured and worked good until today.

- Server is installed on Windows 2008 RC2 STD.

 

 

Questions.

- One quick policy question, do we have an option so that all clients are forced to connect to the remote administrator server? From a business standpoint this should always be a yes and no option should be allowed to disable it, because what happened to us is the antivirus program we are moving away from made a change to the ESET policies and changed "Connect to remote administrator server" from YES to NO so earlier last week all 50 clients had no communicated in 2 days (This occurred on a Saturday) which wasn't too bad to deal with but if we go with Eset and were to deploy it to all 1000 workstations that would cause a very serious problem for us (All other AV's we have been trying out don't have an option to disable the AV Clients from checking in to the server which is a good thing).

 

We have enabled the debug logging and will send in the results after this weekend so when it happens, the logs will be able to gather it (Hopefully).

Link to post
Share on other sites

Hi Mike !

After thinking about your post i wanted to add a few things for clarification.

I think it is absolutely true that the clients would be able to receive definition updates, even if not connecting to ERA from the console

I believe the connection to the ERA is by a different port listening on 2222~2225 for client information and receiving updates is a different port. 2221

ERA ports

 

I know you stated policies are all correct, but this sounds similar to a policy that might be cutting off the connection. What is your group policy refresh interval across the domain ? Usually its 90 minutes, but maybe you can reduce it down to troubleshoot and eliminate policy as a factor for cutting off the reporting back to ERA by the clients.
 See Article here : GP Refresh

 

Also Verify that the ERA Console build and the ERA Server build are the same. There are two parts to ESET Remote Administrator, the ERA Console and the ERA Server “service”. Both must be the same build.

 

Pulled this info from the manual as well for log checking:

If you suspect that there is something wrong with ERAS or if it is not functioning correctly, we recommend that you
follow these steps:
1) Check the ERAS log: Click Tools > Server Options from the ERAC main menu. From the Server Options window,
click the Logging tab and then click View log.
2) If you see no error messages, increase the Log verbosity level in the Server Options window to Level 5. After you
have tracked down the problem, we recommend switching back to the default value.
3) You may also be able to troubleshoot problems by turning on the database debug log in the same tab – see section
Debug Log. We recommend that you only activate the Debug log when attempting to duplicate the problem.

 

 

I would definitely wait for a response from ESET support too, they are experts on the software. ;)

Link to post
Share on other sites

GP Refresh was set to 15 minutes last Friday for testing.

ERA Console: 5.1.38

ERA Server: 5.1.38

 

Still having the issue on MySQL, The ESET service must be restarted for them to connect back in :-(

Link to post
Share on other sites
  • Administrators

I'd strongly suggest contacting Customer care as this seems to be a tough issue to be troubleshooted in the forum. Debug logs and maybe even a remote session will be needed.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...