Endpoint Protection

 View Only

  • 1.  Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 03:20 PM

    Hi there

     

    I  have setup a test client on a remote network to see if we could manage it succesfully. However it is not connecting to the server.

     

    I have followed the instructions in http://www.symantec.com/business/support/index?page=content&id=TECH93033&locale=en_US

     

    and here is the sylink file. Any ideas? I have opened the appropriate ports etc.

     

    11/03 14:52:39 [3088] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
    11/03 14:52:39 [3088] <SendRegistrationRequest:>SMS return=0
    11/03 14:52:39 [3088] <ParseHTTPStatusCode:>0=>Uninterpreted Status
    11/03 14:52:39 [3088] <SendRegistrationRequest:>ERR to query content length
    11/03 14:52:39 [3088] <SendRegistrationRequest:>Content Lenght =>
    11/03 14:52:39 [3088] HTTP returns status code=0
    11/03 14:52:39 [3088] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
    11/03 14:52:39 [3088] <SendRegistrationRequest:>COMPLETED, returned 5
    11/03 14:52:39 [3088] HEARTBEAT: Check Point 5.1
    11/03 14:52:39 [3088] <ScheduleNextUpdate>new scheduled heartbeat=32 seconds
    11/03 14:52:39 [3088] HEARTBEAT: Check Point 8
    11/03 14:52:39 [3088] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
    11/03 14:52:39 [3088] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
    11/03 14:52:39 [3088] <RegHeartbeatProc>====== Registration Procedure stops at 14:52:39 ======
    11/03 14:52:39 [3088] HEARTBEAT: Check Point 10
    11/03 14:52:40 [3088] HEARTBEAT: Check Point Complete
    11/03 14:52:40 [3088] <RegHeartbeatProc>Done, Heartbeat=32seconds
    11/03 14:52:40 [3088] HeartbeatProcFailed to get profile with proxy setting 1
    11/03 14:52:40 [3088] <CheckHeartbeatTimer>====== Heartbeat loop stops at 14:52:40 ======
    11/03 14:53:13 [3088] <CheckHeartbeatTimer>====== Heartbeat loop starts at 14:53:13 ======
    11/03 14:53:13 [3088] <GetOnlineNicInfo>:Netport Count=1
    11/03 14:53:13 [3088] <GetOnlineNicInfo>:NicInfo<SSANICs><SSANIC Ip="192.168.27.20" Mac="00-21-9b-00-81-5c" Gateway="192.168.27.1" SubnetMask="255.255.255.0"/></SSANICs>
    11/03 14:53:13 [3088] <CalcAgentHashKey>:CH=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:13 [3088] <CalcAgentHashKey>:CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:13 [3088] <CalcAgentHashKey>:C=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local
    11/03 14:53:13 [3088] <CalcAgentHashKey>:CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:13 [3088] <CalcAgentHashKey>:UCH=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:13 [3088] <CalcAgentHashKey>:UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:13 [3088] <CalcAgentHashKey>:UC=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local
    11/03 14:53:13 [3088] <CalcAgentHashKey>:UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:13 [3088] <DoHeartbeat>HardwareID=4B6F43B88207DD95E0809038C478A251
    11/03 14:53:13 [3088] <DoHeartbeat>CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:13 [3088] <DoHeartbeat>CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:13 [3088] <DoHeartbeat>UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:13 [3088] <DoHeartbeat>UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:13 [3088] <DoHeartbeat> Set heartbeat event
    11/03 14:53:13 [3088] Use new configuration
    11/03 14:53:13 [3088] <RegHeartbeatProc>====== Reg Heartbeat loop starts at 14:53:13 ======
    11/03 14:53:14 [3088] HEARTBEAT: Check Point 1
    11/03 14:53:14 [3088] <GetFirstSEMServer> Selecting a random server
    11/03 14:53:14 [3088] HEARTBEAT: Check Point 2
    11/03 14:53:14 [3088] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
    11/03 14:53:14 [3088] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
    11/03 14:53:14 [3088] HEARTBEAT: Check Point 3
    11/03 14:53:14 [3088] mfn_CreateInetSession: Session is NULL for users's proxy setting .. Communication id bound to FAIL..
    11/03 14:53:14 [3088] Throw Internet Exception, Error Code=0;AH: failed to open internet.
    11/03 14:53:14 [3088] CInternetException: <RegHeartbeatProc>: The operation completed successfully.

    11/03 14:53:14 [3088] <ScheduleNextUpdate>Manually assigned heartbeat=1 seconds
    11/03 14:53:14 [3088] <RegHeartbeatProc>====== Registration Procedure stops at 14:53:14 ======
    11/03 14:53:14 [3088] HEARTBEAT: Check Point 10
    11/03 14:53:14 [3088] HEARTBEAT: Check Point Complete
    11/03 14:53:14 [3088] <RegHeartbeatProc>Done, Heartbeat=1seconds
    11/03 14:53:14 [3088] HeartbeatProcFailed to get profile with proxy setting 2
    11/03 14:53:14 [3088] <CheckHeartbeatTimer>====== Heartbeat loop stops at 14:53:14 ======
    11/03 14:53:16 [428] <CExpBackoff::CExpBackoff()>
    11/03 14:53:16 [428] </CExpBackoff::CExpBackoff()>
    11/03 14:53:16 [2240] <CSyLink::mfn_DownloadNow()>
    11/03 14:53:16 [2240] </CSyLink::mfn_DownloadNow()>
    11/03 14:53:16 [3088] <CheckHeartbeatTimer>====== Heartbeat loop starts at 14:53:16 ======
    11/03 14:53:17 [3088] <GetOnlineNicInfo>:Netport Count=1
    11/03 14:53:17 [3088] <GetOnlineNicInfo>:NicInfo<SSANICs><SSANIC Ip="192.168.27.20" Mac="00-21-9b-00-81-5c" Gateway="192.168.27.1" SubnetMask="255.255.255.0"/></SSANICs>
    11/03 14:53:17 [3088] <CalcAgentHashKey>:CH=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:17 [3088] <CalcAgentHashKey>:CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:17 [3088] <CalcAgentHashKey>:C=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local
    11/03 14:53:17 [3088] <CalcAgentHashKey>:CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:17 [3088] <CalcAgentHashKey>:UCH=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:17 [3088] <CalcAgentHashKey>:UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:17 [3088] <CalcAgentHashKey>:UC=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local
    11/03 14:53:17 [3088] <CalcAgentHashKey>:UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:17 [3088] <DoHeartbeat>HardwareID=4B6F43B88207DD95E0809038C478A251
    11/03 14:53:17 [3088] <DoHeartbeat>CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:17 [3088] <DoHeartbeat>CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:17 [3088] <DoHeartbeat>UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:17 [3088] <DoHeartbeat>UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:17 [3088] <DoHeartbeat> Set heartbeat event
    11/03 14:53:17 [3088] Use new configuration
    11/03 14:53:17 [3088] <RegHeartbeatProc>====== Reg Heartbeat loop starts at 14:53:17 ======
    11/03 14:53:18 [3088] HEARTBEAT: Check Point 1
    11/03 14:53:18 [3088] <GetFirstSEMServer> Selecting a random server
    11/03 14:53:18 [3088] HEARTBEAT: Check Point 2
    11/03 14:53:18 [3088] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
    11/03 14:53:18 [3088] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
    11/03 14:53:18 [3088] HEARTBEAT: Check Point 3
    11/03 14:53:18 [3088] mfn_CreateInetSession: Session is NULL for 'no proxy' setting .. Communication id bound to FAIL..
    11/03 14:53:18 [3088] Throw Internet Exception, Error Code=0;AH: failed to open internet.
    11/03 14:53:18 [3088] CInternetException: <RegHeartbeatProc>: The operation completed successfully.

    11/03 14:53:18 [3088] <ScheduleNextUpdate>Manually assigned heartbeat=1 seconds
    11/03 14:53:18 [3088] <RegHeartbeatProc>====== Registration Procedure stops at 14:53:18 ======
    11/03 14:53:18 [3088] HEARTBEAT: Check Point 10
    11/03 14:53:18 [3088] HEARTBEAT: Check Point Complete
    11/03 14:53:18 [3088] <RegHeartbeatProc>Done, Heartbeat=1seconds
    11/03 14:53:18 [3088] HeartbeatProcFailed to get profile with proxy setting 3
    11/03 14:53:18 [3088] <CheckHeartbeatTimer>====== Heartbeat loop stops at 14:53:18 ======
    11/03 14:53:20 [3088] <CheckHeartbeatTimer>====== Heartbeat loop starts at 14:53:20 ======
    11/03 14:53:21 [3088] <GetOnlineNicInfo>:Netport Count=1
    11/03 14:53:21 [3088] <GetOnlineNicInfo>:NicInfo<SSANICs><SSANIC Ip="192.168.27.20" Mac="00-21-9b-00-81-5c" Gateway="192.168.27.1" SubnetMask="255.255.255.0"/></SSANICs>
    11/03 14:53:21 [3088] <CalcAgentHashKey>:CH=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:21 [3088] <CalcAgentHashKey>:CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:21 [3088] <CalcAgentHashKey>:C=12C9E0720A00C81B0151000A2E8FC8251csrt-admincsrt.local
    11/03 14:53:21 [3088] <CalcAgentHashKey>:CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:21 [3088] <CalcAgentHashKey>:UCH=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local4B6F43B88207DD95E0809038C478A251
    11/03 14:53:21 [3088] <CalcAgentHashKey>:UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:21 [3088] <CalcAgentHashKey>:UC=12C9E0720A00C81B0151000A2E8FC8250AdministratorCSRT.LOCALcsrt-admincsrt.local
    11/03 14:53:21 [3088] <CalcAgentHashKey>:UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:21 [3088] <DoHeartbeat>HardwareID=4B6F43B88207DD95E0809038C478A251
    11/03 14:53:21 [3088] <DoHeartbeat>CHKey=577BBCA0575567EBD2D1ADF857E5C7EA
    11/03 14:53:21 [3088] <DoHeartbeat>CKey=0E61EB6C9145D6F328687794105BC594
    11/03 14:53:21 [3088] <DoHeartbeat>UCHKey=AF06167339F53F3EE89C88211057B6C2
    11/03 14:53:21 [3088] <DoHeartbeat>UCKey=DDA452F2388A81D1E3D91805B50481DE
    11/03 14:53:21 [3088] <DoHeartbeat> Set heartbeat event
    11/03 14:53:21 [3088] Use new configuration
    11/03 14:53:21 [3088] <RegHeartbeatProc>====== Reg Heartbeat loop starts at 14:53:21 ======
    11/03 14:53:21 [3088] HEARTBEAT: Check Point 1
    11/03 14:53:21 [3088] <GetFirstSEMServer> Selecting a random server
    11/03 14:53:21 [3088] HEARTBEAT: Check Point 2
    11/03 14:53:21 [3088] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
    11/03 14:53:21 [3088] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
    11/03 14:53:21 [3088] HEARTBEAT: Check Point 3
    11/03 14:53:21 [3088] <RegHeartbeatProc>Setting the session timeout on Profile Session (Registration) to 30000
    11/03 14:53:21 [3088] HEARTBEAT: Check Point 4
    11/03 14:53:21 [3088] <RegHeartbeatProc>===Registration STAGE===
    11/03 14:53:21 [3088] <MakeRegisterData:>logon id (domain/user)=CSRT.LOCAL/Administrator
    11/03 14:53:21 [3088] <GeneratePreferredGroupAndModeInRegistration:>Loading current group:My Company\Dr Jim
    11/03 14:53:21 [3088] <GeneratePreferredGroupAndModeInRegistration:>Loading preferred group:My Company\Dr Jim
    11/03 14:53:21 [3088] <GeneratePreferredGroupAndModeInRegistration:>Loading preferred mode:1
    11/03 14:53:21 [3088] <GeneratePreferredGroupAndModeInRegistration:>It will remember nothing, PreferredGroup is My Company\Dr Jim, PreferredMode is 1

    read error, exit
    11/03 14:53:42 [3088] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
    11/03 14:53:42 [3088] <SendRegistrationRequest:>SMS return=0
    11/03 14:53:42 [3088] <ParseHTTPStatusCode:>0=>Uninterpreted Status
    11/03 14:53:42 [3088] <SendRegistrationRequest:>ERR to query content length
    11/03 14:53:42 [3088] <SendRegistrationRequest:>Content Lenght =>
    11/03 14:53:42 [3088] HTTP returns status code=0
    11/03 14:53:42 [3088] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
    11/03 14:53:42 [3088] <SendRegistrationRequest:>COMPLETED, returned 5
    11/03 14:53:42 [3088] HEARTBEAT: Check Point 5.1
    11/03 14:53:42 [3088] <ScheduleNextUpdate>new scheduled heartbeat=64 seconds
    11/03 14:53:42 [3088] HEARTBEAT: Check Point 8
    11/03 14:53:42 [3088] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
    11/03 14:53:42 [3088] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
    11/03 14:53:42 [3088] <RegHeartbeatProc>====== Registration Procedure stops at 14:53:42 ======
    11/03 14:53:42 [3088] HEARTBEAT: Check Point 10
    11/03 14:53:43 [3088] HEARTBEAT: Check Point Complete
    11/03 14:53:43 [3088] <RegHeartbeatProc>Done, Heartbeat=64seconds
    11/03 14:53:43 [3088] HeartbeatProcFailed to get profile with proxy setting 1
    11/03 14:53:43 [3088] <CheckHeartbeatTimer>====== Heartbeat loop stops at 14:53:43 ======
    11/03 14:54:17 [2240] <CSyLink::mfn_DownloadNow()>
    11/03 14:54:17 [2240] </CSyLink::mfn_DownloadNow()>

    ***[0xa64]:[2010-11-03 14:54:19:520]***SylinkMonitor Stopped



  • 2.  RE: Cannot connect Endpoint 11 clients over a NAT
    Best Answer

    Posted Nov 03, 2010 03:25 PM

    Have you setup the port forwrding to the SEPM sever for ports (8014 - default), port 139 for Netbios name recognition and port 80 (default website)?



  • 3.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 03:29 PM

    Are you able to telnet on port 8014 ?

    try doing a secars test

    http://<server_name or IP address>:8014/secars/secars.dll?hello,secars



  • 4.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 03:37 PM

    Yup, I just checked and it was setup to allow 139 and 80 through anyway, and port forwarding is correct as well for 45878 (the port i'm using)



  • 5.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 03:41 PM

    The secars test works on the same network that the management server is on, but not when I run it on the remote machine



  • 6.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 03:45 PM

     run a tracert servername

    do u see any firewall with * ( you should be:))

    open port 8014 on  ur network



  • 7.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 03, 2010 04:50 PM

    MT group...

    Interesting, so port forwarding on the necessary ports is working, unless you are using HTTPS port 443...  in which case that should be opened as well.

    What is the client version of windows that you are using?

    Do you have a firewall enabled on the server?

    Since this is a test machine, I assume it's the only machine?

    One last thing to check, DNS settings are correct?  You can, from the client machine, PING the server by name and by IP address and the resulting ICMP echo requests are coming back properly?



  • 8.  RE: Cannot connect Endpoint 11 clients over a NAT

    Posted Nov 04, 2010 02:58 PM

    It's solved - I had missed a NAT rule. Thanks everyone