I am trying to install the GravityZone - Bitdefender antivirus in my network.
The NethServer server blocks my ports. Antivirus does not connect with the cloud.
I need to open ports: 80, 443, 8443, 7074.
The first two look open. I’m trying to do it through PortForwarding.
Unfortunately it does not work. Maybe a command line?
Can anyone help? NethServer always surprises me with something
No. Installs from a PC. The PC is “Relay”. He will be sending packages.
But that is not the point.
A single installation does not connect with the cloud. I did the test. I connected the computer to the LTE network. And everything works.
NethServer blocks my anti-virus. Sure ports.
I have not changed anything.
The server works as DHCP, network filter and samba.
I saw this list. Maybe I need to add more ports? The producer notes that it requires these 4 ports from the first post.
I have to move now. So the conversation will be limited. Of course, I will read all suggestions!
Do you mean web content filter?
It has an option to block access to web sites using IP. Some antivirus get their updates via direct access to IP so deactivating it may help:
Can you check which ports are used incoming/outgoing via /var/log/firewall.log to see which ports are blocked?
You may also check it on your computer with LTE.
Sorry, I still don’t get how this Gravityzone thing works. Is it just an antivirus client or does it have an internal management server which needs the open ports for internal network?
For his version of Bitdefender GravityZone, the management is on cloud.
A “client” must be installed on the computers (WSs, servers, …).
The update of the client is done from the Cloud. Also, the client communicates all the time with the Management Console in the Cloud.
Usually, during installation of the client, the installer software automatically opens local firewall ports for communication with the Cloud. With the WS connected directly to LTE, the client communicates with the Cloud. So it is not a WS issue.
Check the outbound path on NS (also @pike suggested that):
For testing only, create an “any to any” rule, from GREEN to RED to see if in this case everything is OK.
If yes, disable the rule and create another rule from GREEN to RED with 8443 and 7074 ports, opened, and check again.
Also, check the proxy path, as @mrmarkuz suggested. Do you use Proxy with SSL?
Do you have a router between NS and ISP? Maybe the issue is there.
PS:
You may also need a port forwarding rule (inbound traffic) on NS, from RED to GREEN, to open port 7074 for “Communication messages received from endpoints linked to Endpoint Security Relay”, if available.
Yes, but as a requirement, whether or not there is a server in the LAN, at least one PC must be installed as “relay”.
"Warning
The first machine on which you install protection must have Relay role, otherwise you will not be able to deploy the security agent on other endpoints in the network.
The Relay machine must be powered-on and online in order for the clients to communicate with Control Center."
Just as my friends wrote. You can install it on a server or on one computer (Relay) that sends packets. I chose the second version.
I’m ashamed, but I do not know how to open these ports: / How do I switch GREEN to RED?
Can I turn it on in the panel? Or is there only a command line?
I can attach logs to you if it helps with anything.
Thank you again!
It was enough to deselect the Filter in the web content filter.
Thanks, thanks, thanks @mrmarkuz and @GG_jr
The rest will be useful for the future.
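
The log check suggested earlier in the thread, as an added example that is not part of any post: it counts DROP/REJECT entries whose destination port is one of the four ports from the first post. It assumes netfilter LOG lines with a Shorewall-style `zone2zone:ACTION` prefix; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Ports the first post says the GravityZone client needs.
REQUIRED_PORTS="80 443 8443 7074"

# Constructed sample lines (assumed format: netfilter LOG output with a
# Shorewall-style prefix). Real lines in /var/log/firewall.log may differ.
sample_log() {
cat <<'EOF'
Jan 10 09:15:01 ns kernel: Shorewall:loc2net:DROP:IN=br0 OUT=eth1 SRC=192.168.1.50 DST=203.0.113.10 LEN=52 PROTO=TCP SPT=50112 DPT=8443
Jan 10 09:15:04 ns kernel: Shorewall:loc2net:DROP:IN=br0 OUT=eth1 SRC=192.168.1.50 DST=203.0.113.10 LEN=52 PROTO=TCP SPT=50113 DPT=8443
Jan 10 09:15:09 ns kernel: Shorewall:loc2net:REJECT:IN=br0 OUT=eth1 SRC=192.168.1.51 DST=203.0.113.11 LEN=52 PROTO=TCP SPT=50200 DPT=7074
Jan 10 09:15:12 ns kernel: Shorewall:loc2net:ACCEPT:IN=br0 OUT=eth1 SRC=192.168.1.50 DST=203.0.113.10 LEN=52 PROTO=TCP SPT=50300 DPT=443
Jan 10 09:15:20 ns kernel: Shorewall:net2fw:DROP:IN=eth1 OUT= SRC=198.51.100.7 DST=192.0.2.1 LEN=40 PROTO=TCP SPT=40000 DPT=23
EOF
}

# Print "port count" for every required port that shows up as the
# destination port (DPT=) of a DROP or REJECT entry, in REQUIRED_PORTS order.
# Reads the files given as arguments, or stdin when there are none.
blocked_required_ports() {
  awk -v ports="$REQUIRED_PORTS" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    /:(DROP|REJECT):/ {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^DPT=[0-9]+$/) {
          port = substr($i, 5)          # strip the "DPT=" prefix
          if (port in want) hits[port]++
        }
    }
    END { for (i = 1; i <= n; i++) if (p[i] in hits) print p[i], hits[p[i]] }
  ' "$@"
}

# Run against the constructed sample; on the server, pass the log instead:
#   blocked_required_ports /var/log/firewall.log
sample_log | blocked_required_ports
```

No output for a port means the firewall log holds no blocked packets for it, which points to another component on the path, such as the web content filter that turned out to be the cause in this thread.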