PM 10 on Linux questions
Hello,
I recently set up a PM 10 on a 64-bit Debian with no GUI. I set the ports to the default values, allowing remote connections to the administration module. So I tested from a remote station http://<server-ip>: works, http://<server-ip>/b: works, http://<server-ip:8081> works, http://<server-ip>:8081 gives me a TCP error.
I also installed Policy Manager Console, but I am not sure what it is for, is this a X-Window application or a web application?
Then I installed a Windows Policy Manager Console trying to connect to the Linux server, but it fails on authentication no matter which user i use.
Comments
-
Nevermind,
I realized that the username is admin and the password the one I entered during installation. Is there a way to change it after installation?
0 -
Hello,
F-Secure Policy Manager version 10 allows you to create multiple users for the console.
0 -
Hello SSP,
In order to change the password, please open Policy Manager Console and select: Tools -> Change password.6 -
Thanks.
0 -
Dear All,
> I recently set up a PM 10 on a 64-bit Debian with no GUI ... Then I installed a Windows Policy Manager Console trying to connect to the Linux server, but it fails
The situation is similar for us.
Debian Linux Squeeze 6.0.6, 64-bit, non-GUI server
with IP adresses: 192.168.1.234 and 192.168.7.254
Fresh install with FSPM 10.01.
All three ports of the Linux-based PMS server (HTPP 8200 for clients, HTTPS 8201 for PMC and HTTP 8081 for Web Reporting) are visible when a web browser is opened on a Windows workstation. Connecting with FSPMC from a remote computer has been enabled during the installation wizard.
The FSPMC has been installed on a Windows 7 Enterprise workstation. However, it is not possible to login to the PMS when using the Windows-based PMC console.The server's error message is:
"/var/opt/f-secure/fspms/logs/launcher-error.log":
WARNING::javax.net.ssl.SSLException:
Unrecognized SSL message, plaintext connection?The Windows-side error message is:
F-Secure Policy Manager Console:
Cannot connect to the server:
Could not access HTTP invoker remote service at
https://192.168.1.234:8201/fspms/remoting/FspmsInstanceInfo
nested exception is org.apache.http.conn.
ConnectTimeoutException:
Connect to fw.domain-name.hu/192.168.7.254:8201 timed out.
Please tell us what should be changed in the configuration to make this
setup work properly?I especially do not understand this one line:
> nested exception is org.apache.http.conn.
I mean the "Release Notes for F-Secure Policy Manager 10.01, Linux version" says:
"Apache HTTP server is no longer installed during Policy Manager Server installation"
Thanks in advance, Sincerely: Tamas Feher, 2F 2000, Hungary.0 -
I stopped and disabled Apache:
/etc/init.d/apache2 stop
update-rc.d -f apache2 removeAnd then I used the default ports for everything else, because I found no way to specify the port for the Windows PMC.
0 -
Dear SSP,
Thanks for the response!
> I stopped and disabled Apache
Can you elaborate a bit more on this issue? Did you have a pre-existing Apache on the Linux or did the F-Secure FSPMS setup put the Apache there?
> I found no way to specify the port for the Windows PMC
You should be able to specify custom port for connection in the PMC Connection Properties URL like, just like in a web browser: IP address double-dot port-number.
The ports are adjustable in FSPMS setup wizard, so that FSAV antivirus centralized management does not need a dedicated server. If there is an IIS or Apache production web server occupying the standard 80 / 8080 ports, just use 85 / 8085 / 8086 for F-Secure PM. (In ancient times, FSPMS was actually IIS-based.)
Sincerely: Tamas Feher.
0 -
Yes I had an existing Apache installed. I used a preconfigured Debian VM for our environment. I disabled it because it occupied port 80 which is the default host module port. FSPMS installs it's own web server. However I don't know what it is.
>You should be able to specify custom port for connection in the PMC Connection Properties URL like, just like in a web browser: IP address double-dot port-number.
OK, this might work, but as I use the default ports I don't need to add them to the URL.
Your error message likely results from using the wrong port. Try a telnet connection on all ports to see if they are opened.
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support