Video Screencast Help

Agent Communication Over The Internet

Created: 27 Feb 2013 • Updated: 27 Feb 2013 | 1 comment

I am currently investigating an issue and have a working theory I wanted to run by the forums. 

First, we are running SMP 7.1.  Our public website recently went down with a flood of requests to our internal management server address.  I believe this could be caused by the agent installed on clients that work remotely and are not on our network attempting to report in to the server.  The hosting company logs regular requests to that server on their end.  I was hoping to simply prevent agents from attempting to contact the server when off the network and on the internet. 

Any help or tips would be appreciated.  Thanks.

Operating Systems:

Comments 1 CommentJump to latest comment

andykn101's picture

I don't think there's any easy way to do this as it appears your agents think they're on the network. A workaround might be a hosts file on each client PC that gives the internal only IP address of your server. One option might be to enter the IP address of the server instead of the name in the Advanced tab of the Targeted Agent Configuration Settings. Or, have a DNS alias for the server and put that there instead of the IP address.

My understanding of a longer term solution is that your internal DNS names should be not resolvable from the internet or at least be a different domain name from your public website.

So Microsoft would, say, use servername.Microsoft.local for their internal servers.

Authorised Symantec Consultant (ASC) with Endpoint Management Limited, an Authorised Symantec Delivery Provider based in the UK.

Connect Etiquette: Please "Mark as Solution" posts that fix your problem.