some problem we have right now.
We set up an agent handler in a dmz.
The agent handler is allowed to send information to the ePO-Server.
That works fine so far. If a virus is found on a system outside our company network, it reports to the ah and the ah to the epo.
But we don´t want the ah to communicate with the epo the other way. So we blocked the ports the other direction so that the ah can´t request update-packages for the "outside-clients".
This also works, the client tries to download but says couldn´t download from repository.
Now we expected that the client would look for the next repository in our list. That would be http-mcafee.
But there is nothing happening. He only looks for the epo-repository, can´t download and thats it. No McAfee-http is called!!!
And yes, the http-repo is activated
You'll have slightly crippled the AH by doing this, but not fatally
Easiest option is probably to configure the agent policy for clients using that AH to have the master repository disabled: that way they won't even try.
yes you´re right, but the problem is we have one policy for all clients.
And i can´t organize those external clients in a special group with an extra policy, because they work partly inhouse and partly outside.
So they would always pull McAfee-http update even inside our network!
I thougt as reading the manual, that if the clients isn´t successful downloading from the first source he´s taking the next one.Nachricht geändert durch Daniel_S on 24.08.11 04:33:31 CDT
Okay - what's probably happening here is that there are enough files present on the AH to make the client machine think this repository is available - so it tries to update from it. But since the dat and engine files are not available, the update fails.
Try deleting the entire contents of the repocache folder on the AH (or move them to a different location, if you prefer.) Then try the update again - does this help?
Okay, he still says he can´t download from the ah and then exits, without trying http-McAfee.
Error downloading catalog.z.
Tho uploading events from the clients via ah to the epo ist still working fine.Nachricht geändert durch Daniel_S on 24.08.11 06:03:42 CDT