Rafal96 0 Posted April 24 Posted April 24 I have Eset Protect 11 server running on Rocky Linux, in the same subnet I have an Ubuntu proxy server with Eset Bridge installed on it. The proxy server is accessible from an external network under a domain name. The task is that computers, in the agent's policy, have the address of the proxy server with Eset Bridge configured, and when they are outside the network, they should communicate with the Eset Protect server through the proxy server. Unfortunately, it doesn't work, can anyone tell me what I need to configure? When adding a policy in Eset Bridge, it shows me the message 'Eset Bridge status not installed'. Does Eset Bridge need to be installed on the Eset Protect server? I don't fully understand how this mechanism works. If I have a clean computer and I'm outside the local network and install the agent on it, provide the agent and server certificates, and configure the Eset proxy, should it communicate? Should the first communication take place on the local network? Below are the logs from the computer located outside the network. Quote 2024-04-24 09:03:35 Error: AuthenticationModule [Thread 11ec]: DeviceEnrollmentCommand execution failed with: failed to connect to all addresses (code: 14) for request Era.Common.Services.Authentication.RPCEnrollmentRequest (id: cb4e7424-4eb4-4d7e-865e-a3bc39e80e1f) on connection to 'host: "10.8.12.8" port: 2222', Proxy Enabled: 1, Proxy Connection: *********:3128, Proxy Credentials: none, Proxy Fallback Enabled: 1 2024-04-24 09:03:35 Warning: CReplicationModule [Thread 3a10]: GetAuthenticationSessionToken: Received failure status response: TEMPORARILY_UNAVAILABLE (Error description: session token temporarily unavailable, device is not enrolled yet) 2024-04-24 09:05:26 Error: AuthenticationModule [Thread 788]: DeviceEnrollmentCommand execution failed with: failed to connect to all addresses (code: 14) for request Era.Common.Services.Authentication.RPCEnrollmentRequest (id: 6f35ddb3-188f-44c0-98aa-4a2ca5b941b4) on connection to 'host: "10.8.12.8" port: 2222', Proxy Enabled: 1, Proxy Connection: ******:3128, Proxy Credentials: none, Proxy Fallback Enabled: 1 2024-04-24 09:05:26 Warning: CReplicationModule [Thread 3a10]: GetAuthenticationSessionToken: Received failure status response: TEMPORARILY_UNAVAILABLE (Error description: session token temporarily unavailable, device is not enrolled yet) 2024-04-24 09:05:26 Error: CReplicationModule [Thread 3a10]: InitializeConnection: Replication connection problem: Authentication was not possible due to unavailable remote server or its unwillingness to respond 2024-04-24 09:05:26 Warning: CReplicationModule [Thread 3a10]: InitializeConnection: Not possible to establish any connection (Attempts: 1) [RequestId: 1a8ab026-cc5c-46e8-8cab-28e551bbc935] 2024-04-24 09:05:26 Error: CReplicationModule [Thread 3a10]: InitializeFailOverScenario: Skipping fail-over scenario (missing last success replication link data) [RequestId: 1a8ab026-cc5c-46e8-8cab-28e551bbc935] 2024-04-24 09:05:26 Error: CReplicationModule [Thread 3a10]: CAgentReplicationManager: Replication finished unsuccessfully with message: Replication connection problem: Authentication was not possible due to unavailable remote server or its unwillingness to respond, Task: CStaticObjectMetadataTask, Scenario: Automatic replication (REGULAR), Connection: 10.8.12.8:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 00000000-0000-0000-0000-000000000000, Sent logs: 0, Cached static objects: 1, Cached static object groups: 1, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0
Administrators Marcos 5,461 Posted April 24 Administrators Posted April 24 3 hours ago, Rafal96 said: Does Eset Bridge need to be installed on the Eset Protect server? No, it can be installed on a separate machine. 3 hours ago, Rafal96 said: If I have a clean computer and I'm outside the local network and install the agent on it, provide the agent and server certificates, and configure the Eset proxy, should it communicate? Is the machine with ESET Bridge running accessible by machines that are outside the network?
Rafal96 0 Posted April 25 Author Posted April 25 Hi, yes machines outside the network have access, but only on port 3128, ICMP, etc. are disabled. At the moment, we have ESET Protect and ESET Bridge on a separate server in the same subnet. In ESET Protect, I see the ESET Bridge server, and there is communication between them on port 2222. However, there is still an issue with communication from computers outside the network
Administrators Marcos 5,461 Posted April 25 Administrators Posted April 25 Please raise a support ticket, we'll need to check pcap logs with the network communication captured.
Recommended Posts