"I've had a play with the agent - I installed it on a box with no file/print sharing, and allowed 4155 through the local firewall for the patching server."
4155 will allow you to send commands from the Protect to the Agents. This is performed from View > Machine. Right-click on a machine and you will see the options:
"However, scanning the machine still shows up with a 201 error"
You should never see scan errors when an agent is scanning a machine. Seeing a 201 would indicate you are bypassing the agent and performing agentless scans against it. Any from a Machine Group or Home Page is agentless. Right-click on a machine in View > Machines and choosing Patch Scan would be agentless too.
"and a simple test existence/credentials shows it as offline. The instant I turn on file and print sharing, it pops up."
This command is agentless based too, it require simple file sharing.
- Port 3121 needs to be open from the client to the Protect server.
- Agent Quick Start Guide: https://help.ivanti.com/sh/help/en_US/PWS/93/qsg-pws-9-3-agent.pdf
- Videos: Ivanti Help - YouTube
Let me know if you have more questions.
Thank you Charles. Unfortunately it doesn't show up in Machine View as it can't connect to the server. The agent is installed, 4155 is open on the client server, and 3121 open on patch server. It sounds from what you're syaing that I'm trying to bypass the agent and perform agentless scans, which is why I can't see this, but I don't get how to get around it. I've read the agent quick-start, and created a basic agent policy (mostly defaults), but don't see how I control a machine with an agent installed through the patch console, if you know what I mean? Is that possible, or do I have to do it through the agent UI on each client machine?
1 of 1 people found this helpful
Yes, the machine won't show in the View > Machines until it's been scanned (agent or agentless) or has an agent installed on it. How did you install the agent? From the Console or the manually from the installer file? The machine should be in the machine view once the agent check-ins or uploads the scan results. This normally happen moments after the agent is completely installed. Once in the view, you control the agent with the UI I showed you up above or allow them to run their scan and deployment jobs at their scheduled times. From what you say the agent is installed, but doesn't show in the machine view, this would tell me the agent isn't fully installed or is failing to contact the Protect server.
There are a lot of variables, it could take days to track them all down. May I suggest requesting Support to give you a call and walk you through how this works?
Thanks Charles - it sounds like the agent hasn't installed properly then - I only get a blank screen on the overview section when looking at the agent UI on that server, and it definitely doesn't show in machine view. Thanks for the info!
I'm positive a quick call with Support can get you up and running in no time, assuming you meet the requirements for the agent. We could also troubleshoot it here, but I'm going to need logs attached to the thread. Not sure if you are comfortable with that.