Endpoint Protection

 View Only
Expand all | Collapse all

Liveupdate Issue in DMZ

  • 1.  Liveupdate Issue in DMZ

    Posted Mar 14, 2012 07:27 AM

    We have some servers in DMZ installed with SEP. As per the configuration it would download from our LUA. Eversince we upgraded the LUA it has stopped downloading the definitions. We checked the firewall & the LUA port(8080) is opened. Still it throws up with as error as it is unable to connect to the concern LUA.

    Any inputs?



  • 2.  RE: Liveupdate Issue in DMZ



  • 3.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 08:06 AM

    Shiva, you are sure that the LUA is using 8080 and not 7070?

    The following articles may  help:

    Configuring LiveUpdate Administrator (LUA) to download updates from another LUA Server
    Article: TECH105741 | Created: 2008-01-28 | Updated: 2011-08-16 |
    Article URL http://www.symantec.com/docs/TECH105741

    Updating downloads in an internal LiveUpdate Administrator 2.x Server using the downloads from an external LiveUpdate Server
    Article: TECH106254 | Created: 2008-01-15 | Updated: 2011-08-16 |
    Article URL http://www.symantec.com/docs/TECH106254



  • 4.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 08:37 AM

    In the DMZ servers if you try to open the URL of LUA whether it is displaying contents? (The URL may be http://<LUA server name>:8080/clu-prod, if you use default configuration while installing LUA.)



  • 5.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 08:48 AM

    Prachand. Yes. It is configured to connect through port 8080. Your document is related to updating LUA from an another LUA. But in my case, I just need to update my Liveupdate for the SEP client. For now I have updated using intelligent updater. But I need a permanent fix.

     

    Aravind, It isn't working. I'm sure that there is some issue with the firewall exception. How would I check on the local server if the port has been allowed or not?



  • 6.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 08:54 AM

    Did you try that URL testing in local server in DMZ? If it is not displaying the contents the issue is with firewall configuration. (Before testing it in DMZ server you may test the same in a system which is in the same LAN of LUA to confirm the URL is correct.)



  • 7.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 09:25 AM

    Well when I access the clu-prod from DMZ it isn't working. But its working from from the servers within firewall.



  • 8.  RE: Liveupdate Issue in DMZ

    Posted Mar 14, 2012 09:42 AM

    So you have to verify the firewall configuration of DMZ. Also assure that the port is open in both directions.



  • 9.  RE: Liveupdate Issue in DMZ
    Best Answer

    Posted Mar 15, 2012 07:56 AM

    As we can allow only the IP address in the firewall. How do we exclude the directory of the LUA.

    Ex: If my LUA server SERVER10's clu prod directory is http://10.10.10.110:8080/clu-prod then do we have to allow the directory in the firewall.



  • 10.  RE: Liveupdate Issue in DMZ

    Posted Mar 15, 2012 08:29 AM

    I am not good with firewalls. Still I believe there is an option to create exclusion for ports. Try by excluding port 8080.