[KB8181] Configure the trusted zone in an ESET Endpoint Security deployment to prevent loss of network connectivity in ESET PROTECT or ESET PROTECT On-Prem

• Prevent the loss of internet connectivity on client computers due to firewall settings when deploying ESET Endpoint Security
• Add the IP range/subnets to the trusted zone before deploying ESET Endpoint Security
• Edit or disable Firewall rules in ESET PROTECT or ESET PROTECT On-Prem

Add the IP range/subnets to the trusted zone before deploying ESET Endpoint Security

To resolve your RDP/ping issue, configure the trusted zone with the IPv4 and Remote IP addresses, ranges, masks, and subnets, including any VPN networks and all subnets inside your network. 

1. Open ESET PROTECT or ESET PROTECT On-Prem

2. Click Policies, select the desired Built-in policy and then click Actions → New Policy.

   

3. Type a name for the new policy into the Name field. The Description field is optional.

   

4. Click Settings → Protections → Network access protection and click Edit next to IP sets.

   

5. Select Trusted zone and click Edit. 

   

6. In the Remote computer address field, add your IPv4 and Remote IP addresses, ranges, masks, and subnets, including any VPN networks and all subnets inside your network. Click Save.

   

7. Click Assign → Assign. Read more about assigning a policy to a client or a group.

8. Select the check boxes next to separate clients or next to each static or dynamic group you want this policy assigned to and click OK.

9. Click Finish. When the system checks into ESET PROTECT or ESET PROTECT On-Prem with the new settings, you can deploy ESET Endpoint Security to your network. 

Edit or disable Firewall rules in ESET PROTECT or ESET PROTECT On-Prem

1. Open the ESET PROTECT Web Console.

2. Click Policies, select the desired Built-in policy and click Actions → New Policy.

   

3. Type a name for the new policy into the Name field. The Description field is optional.

   

4. Click Settings → Protections → Network access protection, expand Firewall, and click Edit next to Rules.

   

5. Click More filters.

   

6. Select the check box next to Hide built-in (pre-defined) rules and click Apply.

   

7. Deselect the check boxes next to Block incoming NETBIOS requests and Block incoming RPC requests and click Save.

   Modify built-in rules to resolve RDP connection issues

   You can modify the built-in rules to troubleshoot port connection issues, such as allowing RDP for non-default or custom ports. To review the built-in rules, click the check box Show built in (predefined) rules as shown in Figure 2-2 above.

   For more information about how to modify built-in rules, visit our Online Help topic.