This weekend I installed CESM on my LAN at home consisting of:
1 pc Windows XP Pro SP3 on which I installed CESM and CIS_ESM (Firewall Security conf.) , and
1 pc Windows XP Pro SP3 on which I installed CIS_ESM (Firewall Security conf.)
This works fine.
This LAN sits behind a router with internet address 84.81.xxx.yyy. The internal addresses are 192.168.0.2 and 192.168.0.3 resp.
Now for the problem:
I have another computer at an ISP, with internet address: 213.193.aaa.bbb (Win2003 server)
I wanted to also install CIS_ESM on this one, but could not do that directly from the CESM server (84.81.xxx.yyy / 192.168.0.2).
So, I built the installation files, uploaded them to the remote computer (213.193.aaa.bbb) and got them installed with a little trick:
I changed the value of key Address1 in setup.ini (in the same directory where CesmAgent_x86_0.9.0.0.msi is located) from '192.168.0.2' to '84.81.xxx.yyy)
In brief: I got both, the agent and CIS_ESM, installed on the remote computer ...
But when I switch to 'Remote Administrator Mode' on the remote pc, I still cannot connect the remote PC from the CESM console.
If I look at the active connections in the Firewall Tasks > View Active Connections screen on the remote pc, i see that it is trying to connect from 213.193.aaa.bbb:1625 to 192.168.0.2:9901
This is not correct; it should be from 213.193.aaa.bbb:1625 to 84.81.xxx.yyy:9901
Apparently CESM is inserting the local LAN address into the installation package, which runs OK on the local LAN.
1. Can one attach a remote PC (outside my LAN, on the internet somewhere) to a CESM-server that is on an internal LAN behind a router with an external address?
2. If so, how can I force CESM to insert the external address in the installation package for the agent? Or can i tweak some values somewhere?
Thanks for any suggestion.