ScoobyNet.com - Subaru Enthusiast Forum

ScoobyNet.com - Subaru Enthusiast Forum (https://www.scoobynet.com/)
-   Computer & Technology Related (https://www.scoobynet.com/computer-and-technology-related-34/)
-   -   FAO JackClark or EPO Admin's (https://www.scoobynet.com/computer-and-technology-related-34/372488-fao-jackclark-or-epo-admins.html)

David_Wallis 20 October 2004 03:20 PM
FAO JackClark or EPO Admin's
 
We have an EPO server sat on our main Lan. 10.0.0.0

We have an isolated domain sat on a 64.64.0.0 network.

There is a firewall protecting the two lans with relevant epo ports open.

The epo server ip is 10.0.0.110, there is NAT (iirc) setup so it can communicate with the network, its IP address on the isolated lan is 64.64.0.10 or something similar ;)

When trying to do an update it is really slow as it tries to communicate with the server via 10.0.0.110, now it cant communicate with this as it just ignores it.. (cant use this due to pen. testing and client requirements) after around 6 attempts it says 'attempting to use DNS", so it communicates using the FQDN, I have created a DNS entry for the server as expected, except I have pointed it to the working IP, 64.64.. whatever... this works but is slow..

So as it is it works due to finally using DNS but this happens for each file etc..

I have found three XML files containing the IP address:

ServerSiteList.xml
SiteList.Xml
SiteMapList.xml

If I change the IP add from 10.0.0.110 to 64.64.x.x then it works fine...

What creates these files?? where does it pull the info from, is it when you create the framework installer PKG? basically am I going to have to manually edit them (via script etc) and / or is something going to overwrite them at next communication with the server??

Could there be an option in new versions to support more than one server IP add??

David

ozzy 20 October 2004 04:21 PM
The server/list lists are maintained by the ePO server. You can create individual sites (assigned different networkis addresses). The ePO Agent on the clients would then create the XML files depending on the site lists on the server.

How many ePO servers do you have on your site? just the one at 10.0.0.110?

You could create a remote repository in your isolated LAN and allow the ePO server to communicate with that. You could also create a seperate site in the ePO database assigned with the 64.64.x.x network address and modify the site list so clients in that network segment only pull updates from the local repository.

This handles DAT/software updates, but I'm not sure if policies are still pulled from the main ePO database server.

Stefan

David_Wallis 20 October 2004 04:34 PM
Ive created sites, thats not a problem.. ie other offices, vlans etc

the machines get stuck in these automatically.. more than one epo server, but thats irrelevant for this config, remote repository isnt really a prob.. is more the agent - server comms that are the problem. I have done repositorys based on site location by modfying the epo agent properties per site (unticking inherit)

Its more the agent - server IP address that I need to change for a site, or give the site a different 'server' ip to communicate back on IYSWIM.

David

ozzy 21 October 2004 11:27 AM
OK, I think I know what you mean.

If you manually modify the XML files, then that'll work for sure. I've done it myself and pushed it out to clients via a script. The problem is it will get overwritten by the "master" ePO database server with the configuration for the site the client is a member of.

When you say "communicate back on" do you mean everything or just some services such as policy management or software/DAT updates??

You say you have more than one ePO server. How are these configured? Is there one master and you have replicas of the master database or are they simple repositories??

Stefan


All times are GMT +1. The time now is 10:38 PM.


© 2024 MH Sub I, LLC dba Internet Brands