NOD32 Server in DMZ

Discussion in 'ESET NOD32 Antivirus' started by limberpine, Oct 22, 2009.

Thread Status:
Not open for further replies.
  1. limberpine

    limberpine Registered Member

    Joined:
    Jun 11, 2009
    Posts:
    2
    I have installed a new NOD32 server (running RAC & RAS 3.1.11) in our DMZ. Our old NOD32 server is still out there handing out NOD32 version 2. This is the first time I have set up a NOD32 server and I am a newbie. I apologize in advance if these questions are ignorant.....so sorry...

    1. Can you update PC's inside the network(LAN side) from a DMZ?? I have the ports turned on according to the manual(2221-2224,2846,137-9, & 445)?? (I can get it to update machines in the DMZ.....)But, I get errors trying to update inside the LAN. My diagnostics info is listed below.

    Computer: 10.192.120.62
    Get Info Diagnostics, server: FWPHLNNOD321, user: hotdog1
    Setting IPC$ Connection Result Code: 1203 (No network provider accepted the given network path.)
    Remote Registry Connecting (OS Info) Result Code: 1460 (This operation returned because the timeout period expired.)
    Remote Registry Connecting (ESET Security Product Info) Result Code: 1460 (This operation returned because the timeout period expired.)
    Remote Install Diagnostics, server: Fwphlnnod001, user: hotdog1
    Setting ADMIN$ Connection Result Code: 1203 (No network provider accepted the given network path.)
    Setting IPC$ Connection Result Code: 1203 (No network provider accepted the given network path.)
    Registering ESET Installer as a Service Result Code: 1722 (The RPC server is unavailable.)

    2. We have a whole bunch of version 2 clients. Does anyone have the instructions on how to modify the XML file to point to the new v.4 server? Or do you just point it to that server and specific the 2. directory in the mirror directory?

    3. Is there a way to test that the ports you have are really open? I have used a port scanner from the Net and it says they aren't open...however...the IT mother ship says YES we opened them....

    Any help would be much appreciated....*bows deeply*
    -Limberpine
     
  2. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    Just as a curiosity, why is it in your DMZ vs. on the LAN?

    As to testing ports, download netcat for windows, stop all the NOD32 services, and run netcat on the server to listen on the port(s) you believe are open, and try and telnet to those ports from your clients.
     
  3. GMF2009

    GMF2009 Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    4
    Is your FW rule bi-directional? LAN-->DMZ you only need 2222 but if you require the DMZ to commicated with LAN you must allow 2222 back in.

    IMHO,
    Greg
     
  4. limberpine

    limberpine Registered Member

    Joined:
    Jun 11, 2009
    Posts:
    2
    We have our NOD server sitting in the DMZ in order to update clients that are outside the network.

    I can ping machines inside the network, but get ipc$ errors when trying to connect. It is like the authentication doesn't work right....

    Can you install a RAC inside the network to communicate with the RAS in the DMZ and push everything from this console? Or does it all initial from the RAS itself?

    P.S. Has anyone had any luck pushing NOD32 v.4 packages out using ZEN 10?
     
Thread Status:
Not open for further replies.