tuan2tech 0 Posted June 29 Share Posted June 29 Hi you My purpose is just to allow internal PING to check the connection. I have added vlans in the trusted zone. Is this safe? When other machines on the LAN have a local attack, can ESET still detect it? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted June 29 Administrators Share Posted June 29 By adding IP addresses to the trusted zone you allow file sharing and some other services in the network. For instance, if you add an IP address of an infected machine that doesn't have ESET installed, a possible rasomware running on the machine could encrypt files in other machines' shares. Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted July 1 Author Share Posted July 1 So I just want to allow PING, what should I do? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted July 1 Administrators Share Posted July 1 Create a custom permissive rule for outbound ICMP communication with ICMP type 8 (echo) and the remote IP addresses outside the trusted zone that should be able to ping the machine. Put this custom rule on top of the default firewall rules: Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted July 4 Author Share Posted July 4 I created rules as instructed but still can't PING to the destination Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted July 4 Administrators Share Posted July 4 The rule has priority 65, ie. it was not moved on top of the built-in rules. Should the communication be still blocked, you should be able to resolve it though this wizard: Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted July 4 Author Share Posted July 4 How to set rules to priority number 1, I deploy this policy to many machines at once Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,273 Posted July 4 Administrators Solution Share Posted July 4 Toggle display of built-in rules Move the rule on top Apply the policy setting using the method "replace" or "prepend" so that these rules take precedence over the existing rules on the clients. Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted July 6 Author Share Posted July 6 Hi @Marcos I downloaded the agent file on the eset homepage and installed it on the window server 2012R2 and got the error as shown below. Link to comment Share on other sites More sharing options...
Recommended Posts