beefydog 0 Posted September 26, 2014 Share Posted September 26, 2014 I setup the remote administration tools to be able to do push installs on Windows 7 (SP1) workstations, and, as a test, I did just a single push install, first the antivirus product, which was successful (then I rebooted and everything was fine). I then installed the Endpoint Security to the same Windows 7 workstation and now cannot ping, telnet, or anything to the machine. I presume the firewall locks all ports on the machine making it completely inaccessible from the outside. Unfortunately, I have to remotely get in via Remote Desktop (it's 200 miles away) and can't see to find any way to disable the firewall from the ESET Remote Administrator Console. I can see the status of the PC, however, so I know it's talking to the Console. How can I disable the firewall? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted September 26, 2014 Administrators Share Posted September 26, 2014 It sounds like you didn't configure the trusted zone properly. If the computer reports to ERAS, simply add the desired IP addresses or subnets to the trusted zone. Link to comment Share on other sites More sharing options...
beefydog 0 Posted September 27, 2014 Author Share Posted September 27, 2014 I figured it out.Right click the selected workstation (or workstations), New Task-->Configuration Task, hit Create button, go to Windows desktop v5 --> Personal firewall --> Settings --> Firewall system integration, then select "Personal firewall completely disabled" (mark it first, then hit the Console button), then click the "next" button on the previous dialog. (and wait). Worked like a charm.I'll probably leave the firewalls off - totally unnecessary w/o our UTM firewall. just need endpoint security (USB drives, CD drives, etc) Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted September 27, 2014 Administrators Share Posted September 27, 2014 I figured it out. Right click the selected workstation (or workstations), New Task-->Configuration Task, hit Create button, go to Windows desktop v5 --> Personal firewall --> Settings --> Firewall system integration, then select "Personal firewall completely disabled" (mark it first, then hit the Console button), then click the "next" button on the previous dialog. (and wait). Worked like a charm. I'll probably leave the firewalls off - totally unnecessary w/o our UTM firewall. just need endpoint security (USB drives, CD drives, etc) This is not a solution. In fact, by disabling the firewall completely you also disabled web protection which is an essential protection layer. You should be able to fix the issue by configuring the trusted zone properly. If you want to disable the firewall for whatever reason, change the integration type to "Only scan applications protocols" so that web protection will remain functional. Link to comment Share on other sites More sharing options...
beefydog 0 Posted September 27, 2014 Author Share Posted September 27, 2014 I did not realize the web protection required the firewall to be on. I'll have to figure this out. The Trusted Zone config was for the LAN subnet, but the firewall still blocks all ports including necessary Windows domain ports for every day networking. I supposed each and every app needs to be configured? Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 3, 2014 Share Posted October 3, 2014 It sounds like you didn't configure the trusted zone properly. If the computer reports to ERAS, simply add the desired IP addresses or subnets to the trusted zone. If it reports Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 3, 2014 Share Posted October 3, 2014 I did not realize the web protection required the firewall to be on. I'll have to figure this out. The Trusted Zone config was for the LAN subnet, but the firewall still blocks all ports including necessary Windows domain ports for every day networking. I supposed each and every app needs to be configured? Your better off with your UTM box for handling ports coming in and out of the dmz, or between public and private / wan-lan, but i would still use the software driver firewall by eset for applications that are doing sneaky things by network on the lan. Yes the trusted zone should be your local subnet, i would add your dc or dns/router to trusted as well if its subnet falls outside. Or just plain the dns if its external too. Each endpoint wont need to be configured if you create a policy in the ERA and assign all the clients to that policy, you can also push the installs with that config too ! So your eset firewall is configured correctly. For less management i would just install Endpoint Antivirus, use windows firewall, and or manage your UTM box if thats what you mean. Link to comment Share on other sites More sharing options...
Recommended Posts