GBO 0 Posted June 22, 2020 Posted June 22, 2020 Depending on requirements I often move computers from my domain to a customer's domain, where communication for Eset traffic is allowed through the Firewall. For explanation, called them company.local and customer1.net In all instances they report back to the ESMC in my network So I could build a computer called pc1, install Eset Business Security, it gets activated and is displayed in the ESMC as pc1.company.local I remove the computer from my domain and plug into the computer's network and join their domain. The DNS is now pc1.customer1.net. The problem is that while the computer has general Internet access, activation is blocked through their Proxy. The computer loses its activation, hence Eset is not functional. Is there any way I can change the configuration, so the computer retains it activation ? Hence the ESMC recognizes the new name to match the old one. Thanks Greg
Administrators Marcos 5,457 Posted June 22, 2020 Administrators Posted June 22, 2020 A computer shouldn't lose activation when Internet connectivity is not available. Couldn't it be that the machine falls into a dynamic group that has a product activation task on joining the group assigned?
GBO 0 Posted June 22, 2020 Author Posted June 22, 2020 When I re-locate it to the customer domain, it has a different DNS suffix and a different IP address, and it does not show up on the ESMC - even though the server is accessible via the Firewall. Is because the DNS and IP Address are different, that the ESMC is not recognizing it ? All the groups I have are static, should I be using Dynamic instead ?
ESET Staff MartinK 384 Posted June 23, 2020 ESET Staff Posted June 23, 2020 22 hours ago, GBO said: When I re-locate it to the customer domain, it has a different DNS suffix and a different IP address, and it does not show up on the ESMC - even though the server is accessible via the Firewall. Is because the DNS and IP Address are different, that the ESMC is not recognizing it ? All the groups I have are static, should I be using Dynamic instead ? Once device is created during first connection to ESMC, there is no relation between device name and device real DNS/FQDN name. This means that change of hostname is most probably not related to issue you have. I would recommend to proceed with standard troubleshooting of AGENT connectivity to be sure where the problem is. It might be related to certificates or network visibility. Especially in case client (AGENT) certificates with specific hostnames were used, it might result in this state, but this is non-default behavior for advanced-only scenarios. Another alternative is that devices with new DNS/FQDN name are considered as potentially cloned and in such case manual approval is required in ESMC console -> this should be visible in "questions" section if this is the case.
GBO 0 Posted June 24, 2020 Author Posted June 24, 2020 Thanks for the response. When the computer is connected to my network, Eset is fully functional and listed on the ESMC as pc1.company.local When I move it to the Customer's network, the actual host/computer name is the same but it's DNS/FQDN is pc1.customer1.net. Eset is no longer functional, pc1.company.local is still listed on the ESMC with a connection date/time relative to when it left my network. I can ping the Server, the Port is open through the firewall back to my network. What other 'troubleshooting of AGENT connectivity' should I try ? My workaround is disconnect the Ethernet so I am temporarily isolated from the customer network. Plug in a 4G Dongle, which gives me full Internet connectivity. Within one or two minutes, Eset is now fully functional. Disconnect the 4G Dongle, re-connect the Ethernet. Within 20 minutes, it is listed on the ESMC (pc1.company.local has been automatically renamed to pc1.customer1.net). The updates then get deliver ok and I can apply policies as required. You mention 'manual approval is required in ESMC console -> this should be visible in "questions" section'. Where is the "questions" section ? Again, thanks for you help.
ESET Staff MartinK 384 Posted June 25, 2020 ESET Staff Posted June 25, 2020 From details you provided it seems to be some kind of network related issue. I would recommend to start by checking status.html log in a moment when client is not connecting to ESMC (more details in documentation). Problem might be either firewall, or maybe even inability to resolve yours ESMC domain name (i.e. failing DNS)
Recommended Posts