Swindle 0 Posted March 8, 2022 Share Posted March 8, 2022 Hi, I'm troubleshooting an issue with my proxy servers. When they reach out to the ESET servers, they are receiving a 403 forbidden error. The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it. So, this leads me to ask this question. Do the ESET update servers REQUIRE secure connectivity? I haven't seen anything in the documentation that states it requires it. Observing the screenshot, 10.32.14.106 is the client and 10.32.2.23 is my proxy server. Thanks! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,231 Posted March 9, 2022 Administrators Share Posted March 9, 2022 From the screenshot it is not clear why Cisco Meraki is blocking access to the ESET server. I'd recommend excluding communication with ESET's servers listed at https://support.eset.com/en/kb332 from being filtered by Meraki. Quote Do the ESET update servers REQUIRE secure connectivity? Update is performed via HTTP in a secure manner. HTTPS is supported only for update from a local mirror. Link to comment Share on other sites More sharing options...
Swindle 0 Posted March 9, 2022 Author Share Posted March 9, 2022 I found the issue. I thought I had to have my proxyremote statement in the global proxy configuration, pointing to the remote proxy chain. It appears it needed to be on the remote proxy pointing to the global proxy. Does that sound accurate? We do have a Cisco Meraki device at the remote site, which was probably blocking. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,231 Posted March 9, 2022 Administrators Share Posted March 9, 2022 Not sure if I understand. If you connect through a proxy server, it must be set up correctly in the Endpoint setup (Tools -> Proxy server). The proxy must be allowed to communicate with ESET's servers listed in the KB above. Link to comment Share on other sites More sharing options...
Swindle 0 Posted March 10, 2022 Author Share Posted March 10, 2022 I have two proxy servers. I had this 'ProxyRemote * hxxp://10.96.2.31:3128' in my original global config, because I thought that statement forwarded to 10.96.2.31, saying it was the ProxyRemote. Instead, I should have added 'ProxyRemote * hxxp://10.32.2.2.3:3128' to the alternate proxy server configuration. The blocking was coming from the Cisco Meraki device at the remote location. I never realized it was trying to hit the remote location, which caused the confusion. I'm good now. Link to comment Share on other sites More sharing options...
Recommended Posts