Jump to content

Is seperate ESET SMC installation required?


Recommended Posts

Hello friends!

I have a question of correct practice regarding ESET SMC on a client implementation. 

Said client employs Active Directory workstations on their central premises and has a second location connected to the first one over leased line-VPN, where the workstations belong to a workgroup instead. 

How should I go about having those PCs discovered by the ESET console (that runs on the central location premises server).

I have already installed the endpoints on those workgroup pcs without problem using the All-in-One Installer, and tried adding them to the ESMC using their IP (which ofc belongs to a different subnet) without success. The added computers have status "unmanaged" 

Thank you for your help!

Link to comment
Share on other sites

  • Administrators

Manually adding machines should work. You can just install agent on the machines connected via VPN and they will connect to the ESMC server as long as it's reachable. You can check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log on these endpoints for possible connection issues.

If you want to see machines from a different subnet in the ESMC console (ie.even before agent is installed and starts connecting to ESMC), install RD Sensor within the subnet (https://help.eset.com/eesa/2/en-US/era_rd_sensor.html, https://help.eset.com/esmc_admin/70/en-US/fs_using_rd_sensor.html).

 

Link to comment
Share on other sites

Thank you for your timely response!!!

Isn't the agent already installed when using the All-in-One Installer?
I have already tried the Rogue Detection however it only sees the local subnet and not the VPN connected one.

I checked on all over-VPN clients the status.log and they all have identical reports (attached).

 

 

esettroubleshoot.png

Link to comment
Share on other sites

  • Administrators

Maybe a DNS issue resolving the server name? Could you try reinstalling agent while using the server's IP address on one of the machines? When using the live installer ESMCAgentInstaller.bat, edit the line "echo.P_HOSTNAME=ADMINVM.xxxxxx.local >> "%installConfigFile%"" and use the server's IP address instead.

As for the RD sensor, it detects only machines in the subnet that it's installed in. You should install it within each (ie. both) subnets.

Link to comment
Share on other sites

Good afternoon!

I followed your instruction regarding the changes on installer ESMCAgentInstaller.bat and run it on the Workgroup machines. Now I can see them on the console (little win here!) however I cannot manage them remotely. The Console is constantly updated (it can see Endpoint and module versions, if the Windows firewall is up or down etc) but all tasks sent fail.

For example when attempting to update through the Console I am getting:

GetFile: Failed to process HTTP request (error code: 20014, url: 'hxxp://repository.eset.com/v1/com/eset/apps/business/eea/windows/v7/7.3.2036.0/eea_nt64.msi')

on Client Task History. 

Does the service running those tasks need an enabled remote administrator account (or something like that)?

Link to comment
Share on other sites

PS: I think its worth mentioning that the above link is able to be manually downloaded on the client machine.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...