DHCP Enforcer Plugin does not connect to the SEPM manager: HTTP 400 Bad Request error in packet capture

Article:TECH105594  |  Created: 2008-01-11  |  Updated: 2008-01-11  |  Article URL http://www.symantec.com/docs/TECH105594
Article Type
Technical Solution

Product(s)

Issue



The Integrated DHCP Enforcer Plugin has been installed on the DHCP server and configured with the IP address of the SEPM (Symantec Endpoint Protection Manager) server.
However the Enforcer never connects to SEPM - the Enforcer GUI connection-light stays red and the Enforcer group it not created in the SEPM console.


Symptoms

A packet capture of the port 80 HTTP traffic between the Enforcer and the SEPM server shows:
Enforcer -> SEPM GET /secars/secars.dll?h=8326419823746823649827649832648297432.... HTTP/1.1

SEPM -> Enforcer HTTP/1.1 400 Bad Request

The body of the 400 reply holds the following text:
SECARS: No length parameter for the encoding URL!

If debugging is enabled on the Enforcer the Debug\snacDebugLog.log file may also show the following message:
SPM return bad request for the registration request!! Share secret could be wrong!
Registration failed!
(See KB: "How to enable debug logging on the Symantec Integrated Enforcer Plugin" Database 'Enterprise Security', View 'Support\All Documents (CLF)', Document 'How to: Enable debugging of the Symantec Integrated Enforcer Plugin')



Solution



This is caused by a mismatch of the encryption password (pre-shared secret) between the Enforcer and the SEPM server. The encryption password string entered in the Enforcer GUI has to be exactly the same as the string entered on the SEPM server during installation.





Legacy ID



2008081113051348


Article URL http://www.symantec.com/docs/TECH105594


Terms of use for this information are found in Legal Notices