tuan2tech 0 Posted June 29 Share Posted June 29 Hi you My purpose is just to allow internal PING to check the connection. I have added vlans in the trusted zone. Is this safe? When other machines on the LAN have a local attack, can ESET still detect it? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,169 Posted June 29 Administrators Share Posted June 29 By adding IP addresses to the trusted zone you allow file sharing and some other services in the network. For instance, if you add an IP address of an infected machine that doesn't have ESET installed, a possible rasomware running on the machine could encrypt files in other machines' shares. Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted July 1 Author Share Posted July 1 So I just want to allow PING, what should I do? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,169 Posted July 1 Administrators Share Posted July 1 Create a custom permissive rule for outbound ICMP communication with ICMP type 8 (echo) and the remote IP addresses outside the trusted zone that should be able to ping the machine. Put this custom rule on top of the default firewall rules: Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted Thursday at 08:37 AM Author Share Posted Thursday at 08:37 AM I created rules as instructed but still can't PING to the destination Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,169 Posted Thursday at 08:41 AM Administrators Share Posted Thursday at 08:41 AM The rule has priority 65, ie. it was not moved on top of the built-in rules. Should the communication be still blocked, you should be able to resolve it though this wizard: Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted Thursday at 09:12 AM Author Share Posted Thursday at 09:12 AM How to set rules to priority number 1, I deploy this policy to many machines at once Quote Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,169 Posted Thursday at 11:12 AM Administrators Solution Share Posted Thursday at 11:12 AM Toggle display of built-in rules Move the rule on top Apply the policy setting using the method "replace" or "prepend" so that these rules take precedence over the existing rules on the clients. Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted Saturday at 02:15 AM Author Share Posted Saturday at 02:15 AM Hi @Marcos I downloaded the agent file on the eset homepage and installed it on the window server 2012R2 and got the error as shown below. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.