RA Server & roaming clients

Discussion in 'Other ESET Home Products' started by nb1, Mar 8, 2010.

Thread Status:
Not open for further replies.
  1. nb1

    nb1 Registered Member

    Joined:
    Mar 8, 2010
    Posts:
    3
    Hi,

    I'm using several RA servers replicating to a central server and have set up policy rules to apply to laptops based on their IP address, so when at a different site they automatically talk to the local server for admin and updates. The problem I have (and from what I've read others do as well) is that when a device talks to a different primary server it gets logged twice on the central server and so takes up two licenses. I've turned on the mac renaming function but this issue still remains whenever a device talks to a different RA server.

    What is the best approach to use for this scenario? I want to obviously keep WAN traffic to a minimum and also avoid duplicate license usage for roaming devices. Should I keep the RAS server the same and only change the update server when moving between sites? Anyone care to share your approach to this?

    Thanks
     
  2. nb1

    nb1 Registered Member

    Joined:
    Mar 8, 2010
    Posts:
    3
    I should add this is a problem also when clients fail over to a secondary RA server. For example last night I rebooted an RA server and all the clients successfully contacted their secondary RA server instead. Now all these clients have two entries, one on each RA server which when replicated back to the parent server shows them as using two licenses each. Anyone found a resolution to this?
     
  3. briwlls

    briwlls Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    25
    We have six branch sites with downstream ESET servers as well, I'm curious how did you setup this roaming function for the client to look to the closest ERAS?
     
  4. nb1

    nb1 Registered Member

    Joined:
    Mar 8, 2010
    Posts:
    3
    I have a base policy on the parent server with all configuration on it. Then I have a child policy from this, one for each site. The child policy has only configuration for the RA server and update server. It is set to override the base policy.

    Base Policy
    |-Clients @ site 1
    |-Clients @ site 2
    |-Clients @ site 3

    These are all set up on the parent server and set to down replicate. Now if you assign the policy 'Clients @ site 1' then that client will look to site 1's RA and update server for its stuff.

    To auto assign, I set up policy rules on each server to assign the 'clients @' policy based on IP subnet of the client. So when a client connects to an RA server from the 192.168.2.x subnet, the RA server assigns the policy to the client for the policy 'Clients @ site 2'. Thereafter the client connects to site 2's servers, until its IP changes again.

    Hope that all makes sense.
     
Thread Status:
Not open for further replies.