Remote activation behind firewall/proxy

[Ivart Filho 0]

Trying to activate ESET Endpoint Security from ERA 6 but always fail, I think that is because my firewall/proxy blocks tcp 80/443 to ESET License Administrator. How I can fix that?

[jimwillsher 65]

The default port is 2222, not 80/443. You'll need to open 2222 in your firewall (or a ifferent port and NAT/PAT like we do).

[Ivart Filho 0]

Hi, thanks jimwillsher but if client uses port 2222 to online activation what ESET url I have to put in my firewall rule?

[michalp 20]

Please make sure that https://edf.eset.com/edf is accessible from a computer on which EES is installed. You can try access it with web browser, some XML file should be returned.

[Ivart Filho 0]

Thanks, but why EES Client doesn´t recognize Windows Proxy settings? By the way I´m using Apache HTTP Proxy ERA6 server, client doesn´t connect through them also. If I create firewall rule to access https://edf.eset.com/edf on port 2222 I will fix activation problem?

[jimwillsher 65]

I was mistaken in my post re: 2222. 2222 is the port used for client > ERA Server communication, not for client >> ESET.com communication. I misread your post.

[michalp 20]

If you have installed ERA server through bootstrapper with enabled HTTP proxy, there should be automatically created policy for group 'All' that tells installed EES to connect through HTTP proxy. This includes activation process.

 

I am not sure if EES reads Windows Proxy settings but definitely it can be configured through policy if you are running your custom HTTP proxy setup.

 

Enabling access to https://edf.eset.com/edf on port 443 should do it.

[Ivart Filho 0]

 

Enabling access to https://edf.eset.com/edf on port 443 should do it.

 

Ok, it worked if I set firewall rule for this but if I want to use proxy for activation what I need to do? In TOOLS menu PROXY settings need to put my proxy:port address? Client will activate through this address?

[michalp 20]

Yes, if you want to use proxy for activation and updates, then set policy: ESET Security Product for Windows -> Tools -> Proxy Server. Don't forget to create similar policies for other products that are in your network, including Agent (ESET Remote Administrator Agent -> Advanced settings -> Http Proxy) as other products may need to communicate with activation servers and download updates.

[devlin 5]

Yes, if you want to use proxy for activation and updates, then set policy: ESET Security Product for Windows -> Tools -> Proxy Server. Don't forget to create similar policies for other products that are in your network, including Agent (ESET Remote Administrator Agent -> Advanced settings -> Http Proxy) as other products may need to communicate with activation servers and download updates.

 

I have proxy configured on Agent and EEA and it's still doesn't work. Is it really possible to activate EEA through ERA6?

[Marcos 5,070]

If you attemtp to activate Endpoint v6 locally via gui, do you get an error? If so, what does the error read?

[rdrummondld 0]

Also see hxxp://support.eset.com/kb332/for a full list.  That won't take much effort (he laughs to himself...)

[goodgary 0]

I have been testing ERA6 and came across the same issue.

We have installed ERA server in Azure and we have an ERA proxy and ERA HTTP(tomcat) proxy installed at our test site.

Communications between the ERA server <--> ERA Proxy <--> Client endpoints work fine, however clients fail to activate unless we allow the client out to the internet.  We have set the end point policy to use the tomcat proxy for both updates and internet access but it still doesn't work. To me it looks like the ESET HTTP proxy doesnt allow comms to the servers ESET are using to activate.

[MichalJ 434]

Which version of ERA Server are you using? How have you installed the Apache HTTP proxy on your test site? We might be able to troubleshoot based on the version numbers. Endpoint 6.4+ has an option to communicate with ESET servers directly, when the connection to the proxy is not available.

[VlP 0]

Hi.

I had same problem with activation Eset File Security 6.5 via ERA 6.5. I must disable this option in policy in EFS: Use direct connection if proxy is not available:

I think this is bug, because proxy is available, but Eset try direct connection first for activation.