Jump to content

After Push Install Of Endpoint Security, Cannot Access Win7 Pc

beefydog

By beefydog
in ESET Endpoint Products

 Share

Recommended Posts

beefydog

beefydog 0

Posted
Posted

I setup the remote administration tools to be able to do push installs on Windows 7 (SP1) workstations, and, as a test, I did just a single push install, first the antivirus product, which was successful (then I rebooted and everything was fine).  I then installed the Endpoint Security to the same Windows 7 workstation and now cannot ping, telnet, or anything to the machine.

I presume the firewall locks all ports on the machine making it completely inaccessible from the outside.

Unfortunately, I have to remotely get in via Remote Desktop (it's 200 miles away) and can't see to find any way to disable the firewall from the ESET Remote Administrator Console. I can see the status of the PC, however, so I know it's talking to the Console.

How can I disable the firewall?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

It sounds like you didn't configure the trusted zone properly. If the computer reports to ERAS, simply add the desired IP addresses or subnets to the trusted zone.

Link to comment
Share on other sites
beefydog

beefydog 0

Posted
  • Author
Posted

I figured it out.
Right click the selected workstation (or workstations), New Task-->Configuration Task, hit Create button, go to Windows desktop v5 --> Personal firewall --> Settings --> Firewall system integration, then select "Personal firewall completely disabled" (mark it first, then hit the Console button), then click the "next" button on the previous dialog. (and wait).

Worked like a charm.
I'll probably leave the firewalls off - totally unnecessary w/o our UTM firewall. just need endpoint security (USB drives, CD drives, etc)
 

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

I figured it out.

Right click the selected workstation (or workstations), New Task-->Configuration Task, hit Create button, go to Windows desktop v5 --> Personal firewall --> Settings --> Firewall system integration, then select "Personal firewall completely disabled" (mark it first, then hit the Console button), then click the "next" button on the previous dialog. (and wait).

Worked like a charm.

I'll probably leave the firewalls off - totally unnecessary w/o our UTM firewall. just need endpoint security (USB drives, CD drives, etc)

 

 

This is not a solution. In fact, by disabling the firewall completely you also disabled web protection which is an essential protection layer. You should be able to fix the issue by configuring the trusted zone properly. If you want to disable the firewall for whatever reason, change the integration type to "Only scan applications protocols" so that web protection will remain functional.

Link to comment
Share on other sites
beefydog

beefydog 0

Posted
  • Author
Posted

I did not realize the web protection required the firewall to be on. I'll have to figure this out. The Trusted Zone config was for the LAN subnet, but the firewall still blocks all ports including necessary Windows domain ports for every day networking. I supposed each and every app needs to be configured?

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

It sounds like you didn't configure the trusted zone properly. If the computer reports to ERAS, simply add the desired IP addresses or subnets to the trusted zone.

 

If it reports :lol:

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

I did not realize the web protection required the firewall to be on. I'll have to figure this out. The Trusted Zone config was for the LAN subnet, but the firewall still blocks all ports including necessary Windows domain ports for every day networking. I supposed each and every app needs to be configured?

 

Your better off with your UTM box for handling ports coming in and out of the dmz, or between public and private / wan-lan, but i would still use the software driver firewall by eset for applications that are doing sneaky things by network on the lan.

Yes the trusted zone should be your local subnet, i would add your dc or dns/router to trusted as well if its subnet falls outside. Or just plain the dns if its external too.

 

Each endpoint wont need to be configured if you create a policy in the ERA and assign all the clients to that policy, you can also push the installs with that config too ! So your eset firewall is configured correctly.

 

For less management i would just install Endpoint Antivirus, use windows firewall, and or manage your UTM box if thats what you mean.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...