Thank you very much for this software which is very useful for managing home networks as well as commercial ones!
Now for my problem. When I try to update the CIS client in either of the endpoints, I get the error below. Both computers have internet access, disabling firewall has no effect. I can ping 22.214.171.124, but get inconsistent results, pinging 126.96.36.199:80 fails (not sure you can ping a port?). Telnet is installed but connection to 91.etc on port 23 fails, on port 80 hangs giving appended error. I do not generally have internet access problems.
I have noticed that when it checks for updates it does not wait long before giving the error below, maybe 0.5 of a second. Is the timeout rather short? Is there a re-try?
If I try manually updating the 2731 CIS version using the offline ESM updater downlaoded onto that machine it reports that it is up to date. Seems unlikely but maybe it is - is it? I realize that the CIS on my admin machine is up to date, I was just checking if the problem was machine-specific.
Win 7 SP1
ESM version attached
No other security software installed except various Comodo software
Managed CIS builds: Admin machine 2860, client 2731
One endpoint is on the ESM server. On the other it fails too, with a 400 error. No event in firewall log.
from your ESM console, could you please open the properties of each endpoint and let me know the version of CES you are using? could you also please tell me the version of ESM you are using?
In first post, but to re-iterate and be more specific. On ESM server I have CIS 2860 endpoint, on remote endpoint I have CES 2731
were the endpoints upgraded from a previous version of CIS/CES or were the CES agent freshly installed?
2860 was freshly installed manually apart from a 2708 (I think) config being imported. Mode is tailored Proactive minus HIPS.
2731 was freshly installed by the ESM server. Main config change HIPS & Firewall turned on.
I should say that ESM does not appear to ‘see’ CIS 2860
I think it was able to see past CIS versions as well as CES versions, but maybe I have that wrong.
What is the current highest CES version? I was trying to update because 2731 is a bit heavy on my remote XP machine. CIS 2860 seems more efficient than CIS 2708 on my server machine, so I thought am updated version of CES might run lighter on the XP machine.
Thanks for your prompt responses, much appreciated.
Yes it is logged by my hardware firewall as a passed outbound. And remember a response is being received ‘400: Bad request’. Perhaps someone could look at the server logs?
I tried port 23 and got connect failure, as you would expect, just to confirm it was connecting in the first case - the behavior is quite different. Basically on port 80 telnet appears to connect but hang. Presumably its not sure how to handle an http: error message. I get the error message when I ^C out of telnet. This is the basic windows telnet client which is pretty rubbish.
Using port 23 to identify the packet, I get a DNS translation of: 188.8.131.52. Is there an aberrant server?
Does updating ESM need a reboot - if so I will have to wait until next scheduled maintenance, I’m afraid. But I will do it then.
Please return to the Computers UI, click on ‘Add’, select IP Address,add one machine, follow the process through to where you get to ‘Packages’ and download the latest versions. Keep going until you need to click the ‘Finish’ button.