SiwekP 0 Posted August 18, 2015 Posted August 18, 2015 hi there, i can't seem to ping the Eset Remote Administration Server ? when trying a previous deployment i could no problems, this maybe a rookie mistake but i just can't think why, any ideas anyone ? I have deployed the agent to a test computer. i can see the agent is running on the test computer. I've opened all the ports needed that i can see in the quick start guide. i don't get any updates on the Eset server from the computer, so no OS info etc etc. Eset Endpoint Antivirus Install task doesn't seem to run. there may be more than one issue here, i feel like i'm just banging my had against a brick wall. Hellllpppp
jimwillsher 65 Posted August 18, 2015 Posted August 18, 2015 By default, later versions of windows server do not reply to points, you need to add a firewall exclusion for ICMP each reply. What shows in the agent log on the PC that's trying to communicate with the server? C::\ProgramData\ESET\blah From memory, only port 2222 is required for successfully comms.
SiwekP 0 Posted August 19, 2015 Author Posted August 19, 2015 hi this is not a windows server, it's the CentOS 6.6 distro of ESET Remote Administrator Console. the first time i deployed it using VCenter Console i had used a Hostname that was too long, but i could ping the ESET Server.. the main reason i ask about pinging the server is that i can't seem to get a connection from the test computer to ESET Server... but the Agent doesnt seem to report back to the Eset server. i can see the listening ports are open on the test computer (i've opened all of them to be sure) i'm sure it's something simple that i'm just not seeing.
SiwekP 0 Posted August 21, 2015 Author Posted August 21, 2015 ok, so while the server is rebooting (booting up CentOS 6.6) i can ping the server, but once the ESET software has loaded up, i guess this is blocking ping replies. however everything now seems to be working as it should.
bluo212 0 Posted December 3, 2015 Posted December 3, 2015 FYI found the answer. Needed to comment out the line below in /etc/sysconfig/iptables -A INPUT -j REJECT --reject-with icml-host-prohibited
ESET Insiders BDeep 7 Posted December 5, 2015 ESET Insiders Posted December 5, 2015 Not sure if I like this feature in the CentOS OVAs or am going to comment out the line to allow ICMP. I am monitoring our global ESET servers via TCP "ping" on port 2222 (more of a TCP connection versus a true ICMP ping). I can see how this is a security "feature" but if an adversary knows the IP or hostname of my ESET servers then ICMP returning a "pong" reply is the least of my problems.
Recommended Posts