Enforcer 6100 Series Appliance Intermittently Loses Connectivity With Symantec Endpoint Protection Manager (SEPM)

Article:TECH143266  |  Created: 2010-11-02  |  Updated: 2010-11-02  |  Article URL http://www.symantec.com/docs/TECH143266
Article Type
Technical Solution


Environment

Issue



Enforcers cannot connect to the SEPM (RU5) – capture may show HTTP 500 errors.  Sometimes the Enforcer shows up as online on the SEPM side, but never on the “show status” Enforcer CLI.


Error



The database may show errors regarding “Invalid Server List!”


Environment



Version of LAN enforcer: 11.0.5002.6122 (6100 series) SEPM version: 11.0.5002.282 (RU5)


Cause



DNS servers may not be properly resolving hostnames in the Management Server List. 


Solution



Best practice when entering Policy Management servers on the Enforcer-side  Management Server List is to either use FQDNs (servername.domain.com) or IP Addresses (x.x.x.x) to identify the SEPMs.  Entering the hostname (servername) alone may cause problems if your DNS servers do not properly resolve them.


Supplemental Materials

Description

 

Steps to confirm:
Install RU5 on Enforcer and SEPM
Restore DB 
Reconfigure SEPM
Connect NEW Enforcer to SEPM
 
On SEPM: 
Copy the Default Management Server List
Delete ALL Hostnames from the copied Server List
Under NEW Enforcer Properties, set the Default Management Server List to the newly created (copied) Server List
Confirm that the NEW Enforcer shows Online
 
 
On NEW Enforcer
Show Status to confirm SEPM/ Enforcer shows Online
 
Test to confirm SEPM/Enforcer communication:
On SEPM
At NEW Enforcer group properties: Enable Advanced properties (Legacy Client, Local Authentication) by checking boxes
Confirm profile.xml on \SEP\data\outbox\enforcerid\ has been updated
 
On Enforcer
Confirm Enforcerprofile.xml is updated under /opt/LanEnforcer/conf
 


Article URL http://www.symantec.com/docs/TECH143266


Terms of use for this information are found in Legal Notices