1 Reply Latest reply on Jul 2, 2010 12:12 PM by djjava9

    How to manage clients within the DMZ (using an Agent Handler)

    McB

      Hi,

       

      I've installed a Agent Handler in the DMZ with all required ports open based on the McAfee Whitepaper.

      The Agent Handler is reachable by the ePO server, the clients behind the Agent Handler can only communicate with the Agent Handler not directly to the ePO server.

      Client communicates fine with the DMZ Agent Handler, but the agents could not be woken up by the ePO server. Also it isn't possible to show the agent log via the ePO server.

      Administrators were unable to perform direct manipulations of the agents.

      How can we handle this?

       

      Thanks,

      McB

        • 1. Re: How to manage clients within the DMZ (using an Agent Handler)
          djjava9

          if your AH is in the DMZ and your clients i assume are out on the internet then they are coming from behind some kind of router, like a linksys home router or cable modem.  its impossible for the AH to be able to wake them up.  the ip address for the agent would 192.168.1.101 and its behind a router, so if you tell the AH to wake up the agent it will attempt to hit 192.168.1.101 which of course you cant get to from the Internet.  But agents will be able to reach the AH from the Internet on their regularly scheduled ASCI which is the most important part.....so yes you cant wake them up but they will call be able to send events and check for policies at every ASCI which is really what you care about.