Jump to content

Linux ERA6 won't show informations


See182
 Share

Recommended Posts

Hello,

I'm currently using the Linux Appliance with ERA6 running on it. I can deploy the agents and install the software remotly, but the server will not show me any informations. The only machine that is shown at the dashboard, is the ERA machine itself, all others aren't on the list although the server with the agent installed on it, have the right settings.

 

 

Thank you.

Link to comment
Share on other sites

  • ESET Staff

Could you please check AGENT's status log on one of client's located at C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html or C:\Documents and Settings\All Users\Application Data\Eset\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.hmtl? Log shows most significant error and whether AGENT is/was able to connect to SERVER.

In case mentioned log won't be available, please check whether ESET Remote Administrator Agent is actually installed on clients  as we had a bug that caused installation failure, but success was reported to SERVER - this applies especially for deployment using remote installation task.

In case status of AGENT installation will be "green" and successful connections to ERA will be reported, please try to restart SERVER's service in OVA - it may be known bug from previous versions of ERA which we cannot exclude as you have not mentioned version of ERA or OVA.

Link to comment
Share on other sites

I too have had issues with ERA 6/ESET 4 for Linux endpoint.  I have seen where the client will just disappear out of my ERA console as if it was never there, and then it will just reappears at random times. Unable to find via IP or hostname.  

Link to comment
Share on other sites

Could you please check AGENT's status log on one of client's located at C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html or C:\Documents and Settings\All Users\Application Data\Eset\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.hmtl? Log shows most significant error and whether AGENT is/was able to connect to SERVER.

In case mentioned log won't be available, please check whether ESET Remote Administrator Agent is actually installed on clients  as we had a bug that caused installation failure, but success was reported to SERVER - this applies especially for deployment using remote installation task.

In case status of AGENT installation will be "green" and successful connections to ERA will be reported, please try to restart SERVER's service in OVA - it may be known bug from previous versions of ERA which we cannot exclude as you have not mentioned version of ERA or OVA.

 

Okay first the informations:

I've download the virtuall appliance of the ESET webpage and these are the versions fo the ERA Server:

ESET Remote Administrator (Server), Version 6.4.304.0

ESET Remote Administrator (Webconsole), Version 6.4.280.0

CentOS (64-bit), Version 7.2.1511

 

I've installed the agent manually on one server and the log file contains three failures.

 

Status log Scope Time Text Last replication 2016-Sep-21 07:51:16 Error: CReplicationManager: Replication (network) connection to 'host: "carimgt5" port: 2222' failed with: Connection closed by remote peer for session id 14030 Peer certificate 2016-Sep-20 10:57:49 Error
  • Agent peer certificate with subject 'CN=Agent Zertifikat für Hosts, O="NAME HAS BEEN REMOVED"., L=Worms, S=Rheinland-Pfalz, C=DE' issued by 'CN="NAME HAS BEEN REMOVED", O="NAME HAS BEEN REMOVED", L=Worms, S=Rheinland-Pfalz, C=DE' with serial number '"HAS BEEN REMOVED"' is invalid now (NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain)
  • Peer certificate may be valid but can not be verified on this machine
  • Check time validity and presence of issuing certification authority
Replication security 2016-Sep-21 07:51:16 Error: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
  • Remote host: STVERA1
  • Remote machine certificate is not trusted because signing certificates (CAs) are not trusted or found in system/agent database
  • Check if signing certificate authority was used during installation of agent or installed in system

 

I think I've made something wrong with the certificate :D

Link to comment
Share on other sites

  • ESET Staff

Replication security 2016-Sep-21 07:51:16 Error: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain

 

This means that AGENT does not trust SERVER's certificate because it is missing its CA certificate. You have most probably installed AGENT with wrong CA certificate - AGENT expects CA certificate that was used to sign SERVER's certificate. I guess you have multiple CA certificates and you have choose wrong one - is this the case?

Link to comment
Share on other sites

 

Replication security 2016-Sep-21 07:51:16 Error: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain

 

This means that AGENT does not trust SERVER's certificate because it is missing its CA certificate. You have most probably installed AGENT with wrong CA certificate - AGENT expects CA certificate that was used to sign SERVER's certificate. I guess you have multiple CA certificates and you have choose wrong one - is this the case?

 

 

Well I've got one CA and four peer certificates. I've created all of them and delete the ones that came from scratch.

Edited by See182
Link to comment
Share on other sites

So I just factory reseted my OVA and everything works as soon as I use the default CA and default peer certificates.

If I use an own CA it doens't work. So am I doing something wrong by creating a new CA?

Edited by See182
Link to comment
Share on other sites

  • ESET Staff

Please provide more details - you have created nee CA certificate in ERA (= using ERA) or you imported it from somewhere else? In case you created CA using ERA, have you also used ti to create new peer certificates? If you, you created new SERVER's and AGENT's certificates?

Link to comment
Share on other sites

Please provide more details - you have created nee CA certificate in ERA (= using ERA) or you imported it from somewhere else? In case you created CA using ERA, have you also used ti to create new peer certificates? If you, you created new SERVER's and AGENT's certificates?

 

Okay so I used the ERA WebGUI to create a new CA under Admin - Certificates - CA | Action - New.

There I fill in all the Gapps with a Passphrase and thats it actually.

Link to comment
Share on other sites

  • ESET Staff

So that means you have not changes SERVER's certificate in it's configuration? In that case your SERVER is still using certificate that was generated during setup, signed by CA certificate that was also generated during installation -> which means AGENT's must be installed with this original CA certificate.

 

What was purpose of generating new CA certificate? We can provide steps in case you specify your scenario.

Link to comment
Share on other sites

So that means you have not changes SERVER's certificate in it's configuration? In that case your SERVER is still using certificate that was generated during setup, signed by CA certificate that was also generated during installation -> which means AGENT's must be installed with this original CA certificate.

 

What was purpose of generating new CA certificate? We can provide steps in case you specify your scenario.

 

Okay I already thought that would be the problem. My pupose of the own CA was that I wanted to create for each of our servers. So I don't have everything in one CA and in one Server.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...