Jump to content

I want to perform EsetSecurityManager IP settings in a batch for each EsetManagerAgent PC


Recommended Posts

 

Hello. Please forgive me that it may be strange English because it is posted by machine translation. EsetSeucrityManager and EsetManagerAgent can no longer be connected. There was a temporary network failure and EsetManagerAgent could not connect to EsetSeucrityManager. After that date, we confirmed that EsetManagerAgent is still unable to connect to EsetSeucrityManager. Therefore, when I checked the Log of EsetManagerAgent, it was confirmed that the IP of the connection destination was rewritten to 127.0.0.1 without permission. As a countermeasure It was confirmed that the IP address of EsetSeucrityManager was re-specified when the program was repaired. However, it is hard because there are a lot of EsetManagerAgent. Can these operations be repaired remotely from EsetSeucrityManager?

Link to comment
Share on other sites

  • Administrators

For a start let's check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html  and trace.log for details about the problem. You can post status.html here as well.

If agent is not reporting to your ESMC server because its IP address or certificates have changed, re-deploy agent with a correct address of the ESMC server and the current peer and CA certificates.

Link to comment
Share on other sites

  • ESET Staff

@smash007 In general, there might be one thing you can do. If the IP address of the ESMC server changed, if you revert it back to its original value, agents will be bale to connect. However, it depends, whether the certificate / address was configured for the IP, or the hostname. If you revert both to original values, no redeployment might be needed. 

Link to comment
Share on other sites

Thank you for your reply.

The IP of the Mgr server has never been changed.
Also, the server certificate has never been changed.

What is worrisome is the day when the last connection date stopped.
The PCs implemented WindowsUpdate.

Does WindowsUpdate break settings?

We will upload status.html.


Is it possible to redeploy a certificate to each client PC by executing a task from EsetMgr?

 

status.jpg

Edited by smash007
Link to comment
Share on other sites

  • ESET Staff

This was log captured just 7 seconds after AGENT service startup and that is why most of the details are missing. This itself is suspicious and might indicate problems with stability or correctness of installation -> AGENT is probably not able to start and thus not connecting to ESMC.

Please attach also trace.log which might show at least basic error message and confirm whether AGENT service is able to start or it is restarting itself due to some configuration or system issue.

Link to comment
Share on other sites

I delayed to reply.
I checked the log.
When the history is confirmed, the log is not output at the end of "Thread 9e4]: No such node (result.strIssuer)"
In the end, you can connect by manually resetting the certificate on the AGT side.
Is there any chance that the certificate will be damaged when EsetAgent cannot connect to EsetMgr?

Link to comment
Share on other sites

  • Administrators
2 hours ago, smash007 said:

In the end, you can connect by manually resetting the certificate on the AGT side.

By AGT you mean ESMC agent? What do you mean by manually resetting the  certificate?

You can generate Agent Live installer from the ESMC console and run in on a client which will upgrade to a newer version in the first round, if applicable and install current certificates in the 2nd round (meaning the second time you run it).

However, if there was a problem with certificates, it would be visible in status.html. Please provide trace.log from the troublesome machine as requested by MartinK above.

Link to comment
Share on other sites

  • Administrators

There are 2 issues:

1, with EPNS

019-09-12 00:59:33 Warning: CPushNotificationsModule [Thread 256c]: Failed to configure EPNS resource (retrying in 10 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)

Please make sure that clients can connect to epns.eset.com on poets 8883 and 443:
https://help.eset.com/esmc_admin/70/en-US/epns.html

2, with session token unavailable:
2019-09-12 00:59:43 Warning: CReplicationModule [Thread 26bc]: GetAuthenticationSessionToken: Received failure status response: TEMPORARILY_UNAVAILABLE (Error description: session token temporarily unavailable, device is not enrolled yet)

The error is network related. Most probably it is not possible to establish connection to the specific port. Either it is blocked, or another application is listening on the port. Might be also caused by exceeded limits for connections, especially in case that migration to ESMC 7 AGENT started and the old appliance is used.

Link to comment
Share on other sites

Thank you for confirmation.

In the time zone when the error occurred, it was not possible to connect due to network failure.
After the network failure was restored, I could no longer connect to EsetManeger.
In the end, I restored the manual certificate on the EsetAgent terminal.

The problem is that there are a large number of terminals that have similar events.
It is difficult to reset the certificate manually by one machine.

Is it possible to reset the certificate for each EsetAgent terminal from EsetManager side?

Edited by smash007
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...