Jump to content

Remote Management and routers

Kalach
 Share

Recommended Posts

Kalach

Kalach 0

Posted
Posted

Hi!

I got ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0) as a server. On workstations Endpoint Security with agents are installed. But part of my network is behind routers. Due to this fact, i can`t control and management that workstations. They just don`t see era server and server doesn`t see them - theu only update from internet.

 

Does any solution exist? Some port forwarding or triggering is required on routers? I use default 2222 and 2223 ports.

Link to comment
Share on other sites
  • ESET Staff
MartinK

MartinK 378

Posted
  • ESET Staff
Posted
4 hours ago, Kalach said:

Does any solution exist? Some port forwarding or triggering is required on routers? I use default 2222 and 2223 ports.

It is almost impossible to help in such situation without details.

But regardless of network topology, you have to configure network in a way that ESMC Agent can connect to machine where ESMC Server is installed using port 2222 (no need to do so for 2223, it is used only for console access and so called server-assisted installation). One possibility might be exposing ESMC Server's port even in case it is behind NAT router, or placing ESMC Server into DMZ part of network. Also it might be possible to use HTTP proxies to route communication of ESMC Agent's to ESMC. Last, and most commonly used might be hosting ESMC Server in cloud (i.e. hosted on machine in cloud providers environments) and thus enable all ESMC Agent with internet access to connect.

Link to comment
Share on other sites
  • ESET Staff
MartinK

MartinK 378

Posted
  • ESET Staff
Posted

From provided schema I am not sure where could be problem. In case pink clients have access to "Web Server", they should have access also to ESMC. Maybe router1 and router2 are blocking communication on port 2222? Otherwise in case there is standard NAT used, it should work. Can those clients ping ESMC server? Ping should also verify correct routing is used, even in case ping itself will fail due to firewalls not allowing it.

Link to comment
Share on other sites
Kalach

Kalach 0

Posted
  • Author
Posted

Tried to use telnet to check if ports are blocked - both 2222 and 2223 are accessible from workstation to ESMC server. Ping works too. But workstation doesn`t appear in webconsole.

 

1.PNG

Link to comment
Share on other sites
  • ESET Staff
MartinK

MartinK 378

Posted
  • ESET Staff
Posted

In that case please proceed with agent connectivity troubleshoting as described in documentation. I would recommend to start by checking status.html file on client machine to check primary reason. It is possible that agents are miss-configured or certificate verification fails.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...