eclipse79 4 Posted July 20, 2022 Share Posted July 20, 2022 Hello I started to upgrade Eset Management Agent 9.0.1141.0 to 9.1.1295.0. I got an issue... For now, I upgraded only 2 clients, and with only these 2 clients I cannot connect anymore to Eset Protect Cloud.... the last syncoinization date is exactly some minutes before the upgrade. I investigated analyzing our firewall logs and I found this: - Management Agent 9.0.1141.0 establishes connection to an hostname, ie: https://xxxxxxxxxxxxx.a.ecaserver.eset.com - Management Agent 9.1.1295.0 establishes connection to the ip address of previously indicated hostname, ie: https://xxx.yyy.www.zzz Of course, my firewall is set to bypass https inspection scan for all urls that contains eset.com, eset.systems, eset.eu hostnames. When i added another exception for https://xxx.yyy.www.zzz url, also the clients with 9.1.1295.0 could connect to Protect Cloud. Of course, this is a temporary workaround, the ip address associated to the hostname may change... so, I suppose that you should consider to fix this issue. Thanks Fabio Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,168 Posted July 20, 2022 ESET Moderators Share Posted July 20, 2022 Hello @eclipse79, I'm checking it with the dev team. Can you please provide us with the status.log and trace.log logs? If you can capture the connection attempt with a Wireshark, it might help too. You can send them to me via a private message. Peter Link to comment Share on other sites More sharing options...
eclipse79 4 Posted July 20, 2022 Author Share Posted July 20, 2022 1 hour ago, Peter Randziak said: Hello @eclipse79, I'm checking it with the dev team. Can you please provide us with the status.log and trace.log logs? If you can capture the connection attempt with a Wireshark, it might help too. You can send them to me via a private message. Peter Thanks you, I will send you the files Peter Randziak 1 Link to comment Share on other sites More sharing options...
ESET Moderators Solution Peter Randziak 1,168 Posted July 20, 2022 ESET Moderators Solution Share Posted July 20, 2022 Hello @eclipse79, the development team confirmed a bug on our side. Thank you for reporting it and for really nice analysis on your side too. Peter Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,168 Posted July 21, 2022 ESET Moderators Share Posted July 21, 2022 Hello @eclipse79, The SNI was not sent by the agent, which caused the behavior you reported. We already have a fix for it, new agent version will be probably released to address it. Peter (P_EP-26930) Link to comment Share on other sites More sharing options...
eclipse79 4 Posted July 21, 2022 Author Share Posted July 21, 2022 11 minutes ago, Peter Randziak said: Hello @eclipse79, The SNI was not sent by the agent, which caused the behavior you reported. We already have a fix for it, new agent version will be probably released to address it. Peter (P_EP-26930) Thank you Peter, is this issue also present on new MacOS agent release? Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,168 Posted July 21, 2022 ESET Moderators Share Posted July 21, 2022 59 minutes ago, eclipse79 said: Thank you Peter, is this issue also present on new MacOS agent release? You are welcome, pleasure is on our side. It seems that the management agent for macOS is affected too. Peter Link to comment Share on other sites More sharing options...
eclipse79 4 Posted July 21, 2022 Author Share Posted July 21, 2022 4 minutes ago, Peter Randziak said: You are welcome, pleasure is on our side. It seems that the management agent for macOS is affected too. Peter Thank you, last question: is there any way to install previous agent version 9.0.1141.0? Or do you suggest to wait until next release? All my clients have 9.1.2051.0 Enpoint realease with 9.0.1141.0 agent, except for 3 clients with 9.1.1295.0 agent. Thanks Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,168 Posted July 21, 2022 ESET Moderators Share Posted July 21, 2022 AS you have a workaround already, I won't bother with downgrading the agent and wait for the fixed release... Peter Link to comment Share on other sites More sharing options...
Recommended Posts