[KB8181] Configure the trusted zone in an ESET Endpoint Security deployment to prevent loss of network connectivity in ESET PROTECT On-Prem

Issue

Solution

Add the IP range/subnets to the trusted zone before deploying ESET Endpoint Security

To resolve the issue of RDP or ping not working, configure the trusted zone with the IPv4 and Remote IP addresses, ranges, masks, and subnets (for example, any VPN networks and all subnets inside your network).

  1. Open ESET PROTECT On-Prem in your web browser and log in.

  2. Click Policies, select the desired Built-in policy and then click Actions → New Policy.

Figure 1-1
  3. Type a name for the new policy into the Name field. The Description field is optional.

Figure 1-2
  4. Click Settings, expand Network protection → Zones and click Edit next to Zones.

Figure 1-3
  5. Select Trusted zone and click Edit.

Figure 1-4
  6. In the Remote computer address field, add your IPv4 and Remote IP addresses, ranges, masks, and subnets (for example, any VPN networks and all subnets inside your network), and then click OK.

Figure 1-5
  7. Click Assign → Assign. Read more about assigning a policy to a client or a group.

  8. Select the check boxes next to separate clients or next to each static or dynamic group you want this policy assigned to and click OK.

  9. Click Finish to save your policy. When the system checks into ESET PROTECT On-Prem with the new settings, you can deploy ESET Endpoint Security to your network.
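
A pre-deployment check for the list you plan to enter in the Remote computer address field, added here as an example (not ESET code): it confirms that the hosts you rely on for RDP/ping fall inside the planned entries and flags entries that are malformed, outside RFC 1918 private space, or broader than /16. The accepted entry notations, the /16 threshold, and all sample values are assumptions.

```python
import ipaddress

# RFC 1918 private IPv4 space; anything outside it is flagged for review.
RFC1918 = [ipaddress.IPv4Network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_entry(entry):
    """Expand one planned entry into IPv4 networks.

    Notations handled (assumed; confirm against the product's own field):
    single address, 'first-last' range, 'network/mask', 'network/prefix'.
    """
    entry = entry.strip()
    if "-" in entry:
        first, last = (ipaddress.IPv4Address(p.strip())
                       for p in entry.split("-", 1))
        return list(ipaddress.summarize_address_range(first, last))
    # strict=True rejects a subnet written with host bits set (10.0.0.5/24)
    return [ipaddress.IPv4Network(entry, strict=True)]

def review(entries, must_reach, min_prefix=16):
    """Return (findings, uncovered) for a planned trusted-zone list."""
    nets, findings = [], []
    for e in entries:
        try:
            parsed = parse_entry(e)
        except ValueError as exc:
            findings.append((e, f"invalid: {exc}"))
            continue
        if not all(any(n.subnet_of(r) for r in RFC1918) for n in parsed):
            findings.append((e, "outside RFC 1918 private space"))
        elif any(n.prefixlen < min_prefix for n in parsed):
            findings.append((e, f"broader than /{min_prefix}"))
        nets.extend(parsed)  # flagged entries still count toward coverage
    uncovered = [h for h in must_reach
                 if not any(ipaddress.IPv4Address(h) in n for n in nets)]
    return findings, uncovered

# Constructed sample: planned entries and hosts that must keep RDP/ping.
SAMPLE_ENTRIES = ["192.168.1.0/255.255.255.0", "10.8.0.0/24",
                  "172.16.5.10-172.16.5.40", "10.0.0.0/8",
                  "203.0.113.0/24", "192.168.2.5/24"]
SAMPLE_HOSTS = ["192.168.1.20", "10.8.0.7", "172.16.5.41", "172.16.5.40"]

if __name__ == "__main__":
    findings, uncovered = review(SAMPLE_ENTRIES, SAMPLE_HOSTS)
    for entry, why in findings:
        print(f"REVIEW  {entry}: {why}")
    for host in uncovered:
        print(f"MISSING {host}: not covered by any entry")
```
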


Edit or disable Firewall rules in ESET PROTECT On-Prem

  1. Open ESET PROTECT On-Prem in your web browser and log in.

  2. Click Policies, select the desired Built-in policy and then click Actions → New Policy.

  3. Type a name for the new policy into the Name field. The Description field is optional.

  4. Click Settings, expand Network protection, click Firewall, expand Advanced and then click Edit next to Rules.

Figure 2-1
  5. Select the check box next to Show built in (predefined) rules. Deselect the check boxes next to Block incoming NETBIOS requests and Block incoming RPC requests and click OK.

Figure 2-2
Modify built-in rules to resolve RDP connection issues

You can modify the built-in rules to troubleshoot port connection issues, such as allowing RDP for non-default or custom ports. To review the built-in rules, select the check box next to Show built in (predefined) rules, as shown in Figure 2-2 above.

For more information about how to modify built-in rules, visit our Online Help topic.

  6. Click Assign → Assign. Read more about assigning a policy to a client or a group.

  7. Select the check boxes next to separate clients or next to each static or dynamic group you want this policy assigned to and click OK.

  8. Click Finish to save your policy. When the system checks into ESET PROTECT On-Prem with the new settings, you can deploy ESET Endpoint Security to your network.