1 2 Previous Next 11 Replies Latest reply on Jun 3, 2009 11:51 AM by regcoles

    ePO and Linux Servers in DMZ

    regcoles
      Hi,

      I have got two RH Linux Servers in a DMZ which I would like to manage via ePO. The ePO server sits in the internal network and manages all computers/laptops on domain. Using ePO 4.0 with latest patch. Installed LinuxShield 1.5.1 on servers and Linux agents created from ePO server.
      Using KB59218 I selected Solution 3 but the Linux Servers are still not been seen by ePO server. I have manually added the servers to ePO and sent wakup calls which ePO says completed. Can ping Linux servers from ePO server and visa versa but nothing. Any ideas.

      Regards
      Reg
        • 1. RE: ePO and Linux Servers in DMZ
          jmaxwell
          Are you also allowing all the ePO configured ports that are requiered (from Solution 1 in the KB Article) through the firewall ?
          • 2. DMZ Linux
            regcoles
            Hi JMaxwell,

            I was told by McAfee Tech Support I didn't have to open the ports at it was using the host file and the changes made to the sewrver.ini file. I think I will try with the following ports open just to the ePO Server: 80, 8081. Not worried about 8443 RSD etc as I know there are only two servers in DMZ. The only other port open at present between ePO server and DMZ is 55443 which is the web console port for LinuxShield.

            Will let you know haow it goes.

            Reg
            • 3. RE: DMZ Linux
              jmaxwell
              You definitely still need the necessary ports open to talk on the ports configured for your agent and ePO server - all solution 3 does is allow the server IP to be reolved - although I don't actually understand how - and this is quite different to allowing TCP communication through your firewall.

              Jim
              • 4. DMZ Linux
                regcoles
                Opened the following ports 80,8081,8082 and 554433 both ways, restarted the CMA on servers and did a wakeup call from ePO server - nothing.
                Any suggestions are how I can get these Linux Servers to be seen by ePO.

                Regards
                Reg
                • 5. RE: DMZ Linux
                  jmaxwell
                  Just a thought - have you checked in your Lost&Found groups in case the servers are reporting with a slighly different name ?

                  Also what's in the agent log on the remote servers ?
                  • 6. RE: DMZ Linux
                    regcoles
                    Looked in all lost and found - nothing, no duplicates either. Where would the location of the agent log be on linux, not the best on linux.
                    • 7. RE: DMZ Linux
                      jmaxwell
                      Try accessing it remotely from the ePO server via web browser on te remote agent communication port you set up e.g. http://servername:8081.

                      Jim
                      • 8. RE: DMZ Linux
                        regcoles
                        Hi Jim,

                        Cannot access the server from web page tried locally as well and no luck, have asked the network guys to make sure ports are open, only other option i have is maybe to un-install agent and then re-install. Thoughts?

                        Reg
                        • 9. RE: DMZ Linux
                          jmaxwell
                          It's always worth a try.

                          I was trying to find some info. on what daemons/processes you should have running under Linux if the agent is active but I can't seem to find any details and don't have any Linux clients to check here.....

                          JIm
                          1 2 Previous Next