setting up agents for dial up machines

[chaddu1256]

We have a few machines that connect to the internet with dial up accounts. I was wondering how we get them to tag our ePolicy server. I set up a test machine with my home dial up account to test and see if the agent could connect to our server. We then gave our server a conduit IP address to put it out to the web. We also opened the ports that our ePolicy server uses but when i dial up to the isp with the test machine the agent cannot tag the server still. It sits there for a min or so and then says failed to connect. I checked the siteinfo.ini file and the last known ip address is correct and so are all the ports. Any idea how to get this computer to tag the server?

 

[AVChap]

Here are some options to try:

1. Try assigning a routable IP address to the ePO server, in addition to the internal IP address.
2. Using DNS. Assign an IP address to the external FW interface, the do a NAT to the internal ePO IP. Make sure that your firewall rule allows only port 80 (or whatever port you assigned for ASC) from that IP to the ePO server.

HTH, AVChap
... my $1 worth of advise, 2cents isn't enough due to inflation

 

[chaddu1256]

I have all ready made a conduit in the firewall to the ePolicy server. I specified an outside ip address. It is live to the world.

I have opened the ePolicy's ports in the firewall (tcp and udp).

I opened the terminal services port also just to make sure the conduit is ponted to the correct machine. I terminal serviced into the server over the dial-up.

I can count the hits on the ports that I have opened. The epolicy agentis not even hitting the opened ports.

 

[AVChap]

You need to check the LastKnownIP value of the ePO agent. You can find this in the SITEINFO.INI file. I believe this is still pointing to the INTERNAL IP address. If so, you may need to manually change this to the routable IP address.
BUT, this will be changed when the agent talks to the server back to the internal address.

The best option would be to assign a routable IP directly to the ePO's NIC and let the firewall pass traffic to this address directly, restricting it to only HTTP on port 80.

HTH, AVChap
... my $1 worth of advise, 2cents isn't enough due to inflation

 

[chaddu1256]

The SITEINFO.INI file does have the routable ip address in it.

I do have the ePO Server set with a static IP and a DNS entry.

That static IP is routed directly to the ePO server with the http ports open.

As far as we can tell the agent is not hitting that IP. We don't know why.

Keep in mind when we dial up, we are dialing up to a foreign network and are trying to connect to the ePO server over the internet.

 

[AVChap]

Try this:

From the dial-up machine, PING the IP address of the ePO server using port 80. If the server responds, it should be able to receive the agent communication.

HTH, AVChap
... my $1 worth of advise, 2cents isn't enough due to inflation