Jump to content

Remote Management and routers


Recommended Posts

Hi!

I got ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0) as a server. On workstations Endpoint Security with agents are installed. But part of my network is behind routers. Due to this fact, i can`t control and management that workstations. They just don`t see era server and server doesn`t see them - theu only update from internet.

 

Does any solution exist? Some port forwarding or triggering is required on routers? I use default 2222 and 2223 ports.

Link to comment
Share on other sites

  • ESET Staff
4 hours ago, Kalach said:

Does any solution exist? Some port forwarding or triggering is required on routers? I use default 2222 and 2223 ports.

It is almost impossible to help in such situation without details.

But regardless of network topology, you have to configure network in a way that ESMC Agent can connect to machine where ESMC Server is installed using port 2222 (no need to do so for 2223, it is used only for console access and so called server-assisted installation). One possibility might be exposing ESMC Server's port even in case it is behind NAT router, or placing ESMC Server into DMZ part of network. Also it might be possible to use HTTP proxies to route communication of ESMC Agent's to ESMC. Last, and most commonly used might be hosting ESMC Server in cloud (i.e. hosted on machine in cloud providers environments) and thus enable all ESMC Agent with internet access to connect.

Link to comment
Share on other sites

  • ESET Staff

From provided schema I am not sure where could be problem. In case pink clients have access to "Web Server", they should have access also to ESMC. Maybe router1 and router2 are blocking communication on port 2222? Otherwise in case there is standard NAT used, it should work. Can those clients ping ESMC server? Ping should also verify correct routing is used, even in case ping itself will fail due to firewalls not allowing it.

Link to comment
Share on other sites

Tried to use telnet to check if ports are blocked - both 2222 and 2223 are accessible from workstation to ESMC server. Ping works too. But workstation doesn`t appear in webconsole.

 

1.PNG

Link to comment
Share on other sites

  • ESET Staff

In that case please proceed with agent connectivity troubleshoting as described in documentation. I would recommend to start by checking status.html file on client machine to check primary reason. It is possible that agents are miss-configured or certificate verification fails.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...