Escolar Documentos
Profissional Documentos
Cultura Documentos
Summary:
Sometimes after troubleshooting or from pre-existing knowledge, it becomes necessary to change the Central Policy (CP) port that Blink and the Application Bus
use for communication to the REM Console. The default CP port is 2000. The instructions below indicate how to modify REM and REM deployment packages to
communicate via an alternate port. This is commonly used in environments that use the CISCO VOIP Solutions that generally run on port 2000, or on any network
that is already using port 2000 for other software.
Procedure:
1. Change the registry keys below. These are an example for using port 2001.
[HKEY_LOCAL_MACHINE\SOFTWARE\eEye\ApplicationBus\Protocols\RequestResponse\AnonClient]
"Port"=dword:000007d1
[HKEY_LOCAL_MACHINE\SOFTWARE\eEye\ApplicationBus\Protocols\RequestResponse\AnonServer]
"Port"=dword:000007d1
[HKEY_LOCAL_MACHINE\SOFTWARE\eEye\ApplicationBus\Protocols\RequestResponse\Client]
"port"=dword:000007d1
[HKEY_LOCAL_MACHINE\SOFTWARE\eEye\ApplicationBus\Protocols\RequestResponse\Deployment]
"port"=dword:000007d1
[HKEY_LOCAL_MACHINE\SOFTWARE\eEye\ApplicationBus\Protocols\RequestResponse\Server]
"port"=dword:000007d1
Note: Please ensure when adding your values use the decimal radial.
2. Edit the 'eeyeremoteinstall.ini' file in 'C:\Program Files\Common Files\eEye Digital Security\Shared Services Host\data\remoteservice'
3. Search for the portion that says 'port=2000' and change the numbered section to the port you wish to use. e.g. 'port=2001'
4. Edit the Package File for the Blink installation manually this file is located by default in 'C:\Program Files\Common Files\eEye Digital Security\Shared Services
Host\data\Packages' and will have the name of the package within the XML files. Please make sure you change the one you're attempting to deploy. You will want
to add the 'APPBUSPORT=XXXX' portion to the command parameter XML tag within this file.
Example:
Here is an example of an unmodified 'eeyeremoteinstall.ini'
Keywords: Blink, Remote Deployment, Remote, Deployment, Port Change, Cisco Skinny
Summary: The below steps are technical steps to assist in identifying reasons for an unsuccessful Blink deployment from the REM Management Console or 3rd
Party Package utility. Unsuccessful deployments from REM typically relate to environmental specific security settings like firewall settings, Windows GPO settings,
Step 1: Identify the deployment method and symptoms that you are seeing.
Step 2: Perform the suggestions made below according to the deployment method and the symptom.
Step 3: If symptom cannot be remedied by the given suggestions, perform the tests indicated (see TESTS section below).
Step 4: Depending on outcome of Tests, collect logs by following the Collecting Logs section.
----------------------------------------------------
----------------------------------------------------
1. Files are not copied over to the remote machine and Blink is not installed.
-Verify if the Network Access: Sharing and Security model is set to Classic mode (not on Guest Mode )
-Verify if is not the Windows Firewall or some other firewall stopping the file copy.
-If nothing works or if problem is not fixed, collect SSH logs while deploying (see Collecting Logs below)
2. Files are copied and the eeyeremoteinstall service is running on the agent
-If nothing works or if problem is not fixed, collect SSH Logs, RdLogs and Application Bus Logs
3. Blink starts unlicensed / asks for Registration / Doesnt take the policy
-Perform Tests: Step A, Step B, Step C, and Step D
-If nothing works or if problem is not fixed, collect SSH Logs, RdLogs and Application Bus Logs.
----------------------------------------------------
----------------------------------------------------
-Verify Windows Scripting Host 5.0 installed and running properly by opening a command prompt and typing "cscript".
-If 5.0 or higher is not installed, download and install it from Microsoft.com. Next retry the installer.
-If 5.0 or higher is already installed, collect all .log files from c:\Windows\Temp and any subdirectories in c:\Windows\Temp.
2. Blink starts unlicensed or asks for registration or doesn't obtain the policy.
-After performing the above tests, recreate the deployment package with the same settings as before and deploy (install) this new package.
-If problem is not fixed, collect SSH Logs, RdLogs and Application Bus Logs
----------------------------------------------------
TESTS
----------------------------------------------------
HOW TO -
2.) Enter the command (without quotes): "telnet [insert REM SERVER hostname] 2000" and press enter.
5.) If it does not disconnect, something along the route is stopping data packets on port 2000 (VPN, firewalls, etc.) The appropriate network personel will need to
investigate the issue.
Step B: Check for another application using port 2000 on both the Blink machine and REM machine
HOW TO -
5.) If there is anything listening on port TCP 2000, it needs to be stopped for deployment and Blink to function properly.
Step C: Verify that NTLM settings match on REM and the Blink machine. See Microsoft's explanation here for the appropriate setting and ensure all machines have
HOW TO -
5.) View the setting for "Network Security: LAN Manager Authentication Level"
7.) Repeat steps 2-5 and ensure the setting is the same.
HOW TO -
1.) In REM go to: Setup > Options > Proxy Settings and verify if the correct HTTP proxy settings are entered.
----------------------------------------------------
Collecting Logs
----------------------------------------------------
Summary: In order to collect logs (as asked for above), you must follow all sections A-C below to turn on log collection, then reproduce the problem (ie redeploy),
then go back and obtain the logs from the result of the reproduced issue. Once the logs have been obtained, you may undo the actions asked as to not degrade
your system performance. Once you obtain the logs, upload to your ticket on the Clients Portal.
3.) Locate eEye Shared Services Host, right click, and Stop
4.) Open Notepad and File - Open to C:\Program Files\Common Files\eEye Digital Security\Shared Services Host\eeyessh.exe.config
5.) Replace the line: <add name="TraceLevelSwitch" value="0" /> With: <add name="TraceLevelSwitch" value="4" />
7.) Collect the file C:\Program Files\Common Files\eEye Digital Security\Shared Services Host\SharedServicesTraceLog.txt
These files are in an RdLogs folder inside Blinks installation folder. Usually this is located at: c:\Program Files\eEye Digital Security\Blink\Rdlogs
If this folder does not exist, provide all .log files from C:\Windows\Temp (or C:\Windows\_Inst if it exists) and the file: "c:\Program Files\Common Files\eEye
Digital Security\SyncIt\debug_syncit.log"
3.) Locate all eEye services, right click, and Stop them all
6.) Right click eEye and choose New > Key and name it "Diagnostics" (without quotes).
9.) Locate all eEye services, right click, and Start them all
Blink & REM: How to Setup Blink and REM to communicate via the Internet using Fully Qualified Domain Name
REM & Blink: How to Setup Blink and REM to communicate via the Internet using FQDN
Summary:
Some customers because of their network environment, nature of doing business, or diverse network infrustructure, they require the ability for Blink and REM to
communicate over the internet using a fully qualified domain name (DNS name).
This article will discuss the steps for a software REM implementation to successfully communicate Blink policies and results to/from the REM Console (Central
Policy and REM Events). Some assumptions made in this article are basic networking knowledge and administrator rights on the machine.
Procedure: To configure REM and Blink communication via the internet using FQDN perform the following:
Add 2 or more String Values using your external IP address and external DNS name under this key with the value being empty (ie
"rem.company.com" = "")
Note: You may have to repeat step 13-15 for each existing policy in your REM. New policies are addressed with Step 6-7 above.
Conclusion:
In the summary, the steps above will allow you to utilize a fully qualified domain name (DNS) to allow policy updates internally or externally.
For any questions or unique environments, please open a support ticket via the Customer Portal to discuss with support.
Keywords: FQDN, Central Policy, machine name, internet, external policy updates