Endpoint Protection

 View Only

  • 1.  SEP Client firewall is blocking Nexthink agent remote push installation

    Posted Nov 15, 2015 08:56 AM

    Hello everyone , we are facing a problem would require your help and support to fix this problem. We are trying to deploy Nexthink agent remotely on endpoints which are protected by SEP firewall component running the version 12.1.6 MP2.  We have already added a firewall rule that is permiting traffic for any application when it is sourced from local machine ( remote is the IP of nexthink server) and service we have given the specific UDP port on which it deploys the agent but for some reasons it is not deploying the agent.

    Can you please tell us how can we fix this . Your kind help would be highly appreciated.

    Thanks



  • 2.  RE: SEP Client firewall is blocking Nexthink agent remote push installation

    Posted Nov 15, 2015 08:58 AM

    What is showing in the traffic log in terms of what is being blocked.

    You may need to add an allow rule with additional logging, see this:

    Troubleshoot blocked network traffic due to the Endpoint Protection firewall

    If you disable the SEP fw does it work then?

    Make sure all these ports are opened:

    https://doc.nexthink.com/Documentation/Nexthink/V5.2/InstallationAndConfiguration/Connectivityrequirements



  • 3.  RE: SEP Client firewall is blocking Nexthink agent remote push installation

    Posted Nov 15, 2015 09:07 AM

    Well we mostly have the default rules in place and in the end we have two default rules that is blocking all IP traffic and the second one that is blocking all other traffic triggering but we have added a rule at top to allow traffic (Local/Remote)  sourced from the remote server ( Nexthink server IP ) to Local with the specific UDP port but even now for some reasons it is not installing the agent remotely. 

    I haven't tried to disable SEP agent completely and try but adding the specfic rule for opening the port should fix the problem at the first place.

     

    Regards



  • 4.  RE: SEP Client firewall is blocking Nexthink agent remote push installation
    Best Answer

    Posted Nov 15, 2015 09:12 AM

    Then either a port was missed or it's not the SEP fw. Disabling and trying again will quickly tell you. If so then further investigation is needed to see what else needs to be added.



  • 5.  RE: SEP Client firewall is blocking Nexthink agent remote push installation

    Posted Nov 16, 2015 12:09 AM
    Can any 1 share with me steps for opening some specific UDP and TCP ports on the firewall ? Basically we have a management server that will push agents to endpoints on some specific UDP and TCP ports . We need to open these ports on endpoints so that agent can be pushed from management server and it will not be blocked by SEP firewall . Secondly once the agent is installed it will iniate an outbound connection towards the management port on a specific port am I required to open this port as well on SEP client for successful update ? Kindly share the steps . Thanks


  • 6.  RE: SEP Client firewall is blocking Nexthink agent remote push installation