Can you explain the "Server" and "Save as IP" settings in Vipre Enterprise?

So in the following scenario, assuming default port settings on the server:
Vipre Server --- Firewall --- Vipre Client

The Vipre Server:
NetBIOS name: VSERVER
IP: 192.168.1.10
Agent Settings
Policy: VSERVER
Update: VSERVER

Firewall (transparent NAT w/ port forwards)
Internal IP: 192.168.1.10
External IP: 10.0.0.200

If you check the "Save as IP" box and install the client,what IP is the client going to try to connect to for Policy and definition updates?

In your scenario the client will try to connect to 192.168.1.10 and will not find it.

If you use the FQDN instead and don't check Save as IP the remote client will connect.

Please let me know if this is correct.

The first part of my original question, "If the Policy and Update sections contain the NetBIOS name of the server (I beleive this is the default entry), and the server is behind a firewall with the proper ports forwarded, will systems outside the firewall have a broken connection?" is actually yes, not no.

I am just trying to determine how a policy, covering clients which move from within a NATed network with a Vipre Server to outside that network, needs to be configured.

It sounds like the Policy and Update fields simply use standard windows name resolution to determine the IP to connect to. If you check the "Save as IP" is performs this name resolution at the time the deployment is packaged or pushed and the resolved IP is bundeled into the package. If you don't check it the client uses the name from agent settings and name resolution is done as needed by the client.

In order for clients to properly connect to a Vipre server on either side of a NATed firewall, you need to have internal (private) DNS where the server resides to point to the FQDN to the servers actual IP, and external (public) DNS to point to the external IP of the firewall.

Yes, the dault is always the server name you install on In your case the agents that need to go ouside of the network will need thier own policy that they report back to the external IP or the FQDN. If you have setup the port forwarding correctly you will not have any problems with the communication. The following article explains this a little more in detail.

http://support.sunbelt-software.com/D...

Thanks for the reply John.

Your comment assumes that clients are either on the same network as the server, or on the outside of the firewall.

My question specifically relates to policies for clients which move from one side of the firewall to the other and can be on either side for extended periods of time.

That being the case, the most important part of my question has not yet been answered. How does the client deal with name resolution? Are the assumtions regarding name resolution and the "save as IP" setting in my previous comment correct?

I apologize for not being clear, for the time being there is no way to tell the agent to go to this IP when on the network and the other when it is outside the network. It is going to attemt to contact what ever you put into the agent setting tab for the policy and update. For the policy that you use for these agents that move back and forth you need to set it to the External IP or a FQDN and they will go out this IP or the FQDN when they are on or off the network and be forwarded back to the Internal IP.

If you required that the machines move back and forth you cannot use the save as IP option on the policy because the console will resolve the name to the internal IP. If you wish to use youre external IP rather than the FQDN just put the IP address in and leave the save as IP option unchecked.

So to answer your questions the client uses DNS to resolve the name you give it. And yes you need to have your external DNS pointing to your Internal name Vice Versa.

Thanks John.