I’m testing CESM in my company and almost everything works fine for me, but there is one little problem. When I’m trying to log in to CESM service from remote computer I get such alert ‘Cannot reach destination server’. I have no problem when I’m doing this from computer where CESM service is running, but error appears when I’m trying to connect from different workstation.
I’m using static ip adresses, workgroup type of network, CESM server is on Windows 7 Ultimate with MS SQL Server Express, remote computer uses Windows XP Pro SP3. I’ve even set up Offline Update Server and it works perfect so I’m wondering where is the problem? Windows firewall are disabled on both, server and remote computers. Any idea?
best regards
yackooza
PS. Sorry for grammar mistakes, English isn’t my native language.
I’ve removed firewall(CIS stand alone version) from server, opened ports 9001, 9901 and add CESM service to trusted programs in inbound and outbound section of windows firewall. I even tried with turned off Windows Firewall and still the same situation.
I’ve noticed one more thing. When firewall in Comodo Endpoint Internet Security on workstation is disable I don’t get ‘cannot reach destination server’ message but it just brings me back to the authorization window without any alert.
I would recommend not installing CIS on the CESM server. It tends to complicate things. If you want CIS on the server I would only have the A/V running. Disable Defense+, Firewall, and Sandbox. Also, turn off the Windows Firewall, but make sure you disable it from the Control Panel then disable the service.
When connecting to the CESM from your machine make sure you use the workgroup for the login. For example username: etaftm@workgroup.
I would also try disabling all CIS on that workstation to verify that it isn’t blocking the CESM console.
P.S. Do you have the CESM agent on that workstation. If so, does it show you as connected in the CESM console?
I’ve removed CIS from server, but when I’m stoping windows firewall service a cannot ping server from workstation(both ip and name) so i left it on. That’s quite strange.
As you said I also disable CIS on workstation, log from firewall says it has bloked connection from cesm console.
I have agent installed on workstation and it works fine. I can manage workstation from CESM console installed on server.
I think I missed something at the beginning. Right now I’m not getting ‘cannot reach destination server’ message but it keeps backing me to authorization menu so the problem is in login/password setup. You said that I should use username from workgroup, maybe it’s silly quastion but where do I have to set up these usernames and passwords? I understand that I should type it in the custom credentials boxes…?
Workgroups can be a pain because there isn’t a central server for all machines to get username and password from i.e. Active Directory. So you will need to use admin account of the server that CESM is on or an account with Admin right and Crmusers local group on that workstation for the CESM server. So on the CESM console on your workstation you will type in the username@workgroup then password. Typically you don’t have to enter the @workgroup part, but I have found it more success to use it especially on a windows domain. Here is a online guide if you want to take a quick look thru to make sure you got everything setup correctly. Comodo Help
Also just a quick question… Did you push the CIS from the CESM console?