Endpoint Protection Small Business Edition

View Only

Back to discussions

Expand all | Collapse all

Client Communication Issue

1. Client Communication Issue

0 Recommend
Migration User
Posted Jan 27, 2014 09:49 PM

Reply Reply Privately
Have a few clients not communicating to SEPM. Clients are not cloned but we do use an imaging process to deploy new systems. In fact, this systems were imaged and deployed over the last few months and only found them in a outdated virus def report.

Running “Troubleshooting’ from the client, I see the following:

1-      In ‘General Information’ the server is offline.

2-      In ‘Connection Status’ it displays ‘Connected.’

Also, no green dot on the tray icon.

Things I’ve done:

1-      Tried replacing the sylink.

2-      Even though not cloned I ran ‘RepairClonedImage’ process.

3-      Ran Cleanwipe and reinstalled.

Thank you for any help!
2. RE: Client Communication Issue

0 Recommend
ℬrίαη
Posted Jan 27, 2014 09:53 PM

Reply Reply Privately
Enable sylink debugging on an affected client and post the log here

How to enable Sylink debugging for the Symantec Endpoint Protection 11.x and 12.1 client in the Windows Registry

I would also suggest running the SymHelp tool on an affected system to check for issues:

Troubleshooting computer issues with the Symantec Help support tool

Did you follow these steps when you ran the repairclonedimage

http://www.symantec.com/docs/TECH163349
3. RE: Client Communication Issue

0 Recommend
Migration User
Posted Jan 27, 2014 10:03 PM

Reply Reply Privately
Does windows firewall are disabled ?

Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity

Article:TECH105894 | Created: 2008-01-12 | Updated: 2013-02-08 | Article URL http://www.symantec.com/docs/TECH105894

##Edit

Check this blog

https://www-secure.symantec.com/connect/blogs/troubleshoot-method-offline-clients
4. RE: Client Communication Issue

0 Recommend
Migration User
Posted Jan 27, 2014 10:19 PM

Reply Reply Privately
Hi Brian, thanks for the reply.

I failed to mention I had run SymHelp, and it came back OK. For repairclonedimage, I didn't exactly follow the instructions because I cannot affect SMC since they are not communicating to the SEPM. I did though, prior to deploying the package, was run smc -stop.

I turned on SEP client debugging and found this after importing sylink and selected to update policy:

2014/01/27 22:11:41.178 [2808:4412] Import Sylink file: importing from C:\Users\rickd\Desktop\sylink.xml

2014/01/27 22:11:41.194 [2808:4412] Lock held for 15ms

2014/01/27 22:11:41.194 [2808:4412] Stopping SyLink...

2014/01/27 22:11:41.194 [2808:4412] Deleting SyLink...

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Destructor called!

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Stop begin.---->

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Stopping LU download Thread.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>LU download Thread stopped.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Stop Main Thread.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Main Thread stopped.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Stopping heartbeat Thread.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Heartbeat thread stopped, Heartbeat=1800

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Heartbeat Thread stopped.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Start Stopping Downloading Thread

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Downaloding Thread stopped.

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Save sylink settings.

2014/01/27 22:11:41.194 [2808:4412] <SyLink><-----Stop completed!

2014/01/27 22:11:41.194 [2808:4412] Creating SyLink...

2014/01/27 22:11:41.194 [2808:4412] CProfileMgrManPlugin::ReceiveMessage: enter

2014/01/27 22:11:41.194 [2808:4412] ProfileMgrMan: ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] CProfileMgrManPlugin::ReceiveMessage: exit

2014/01/27 22:11:41.194 [2808:4412] AVMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] AVMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] LUMan: Entering ReceiveMessage with id 0x40003

2014/01/27 22:11:41.194 [2808:4412] AtpiMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] AtpiMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] BashMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] BashMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] CidsMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] CidsMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] RebootMgrMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] RebootMgrMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] RepMgtMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] RepMgtMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] SubmissionsMan: Entering ReceiveMessage with msg id 262147

2014/01/27 22:11:41.194 [2808:4412] SubmissionsMan: Leaving ReceiveMessage

2014/01/27 22:11:41.194 [2808:4412] Sylink is created

2014/01/27 22:11:41.194 [2808:4412] Start SyLink...

2014/01/27 22:11:41.194 [2808:4412] <SyLink>Import Config File !!

2014/01/27 22:11:41.194 [2808:4412] <Start>Succeed to set the managed status to SylinkStats

2014/01/27 22:11:41.209 [2808:4412] <GetDomainHostName>+++++++++++++++win2000 hostName=BGRADY,DomainName=domain.com

2014/01/27 22:11:41.209 [2808:4412] <SyLink>Computer Network Identity (Domain/Host)=domain.com/BGRADY

2014/01/27 22:11:41.428 [2808:2936] Lock acquire took 234ms

2014/01/27 22:11:41.428 [2808:4412] Lock held for 234ms

2014/01/27 22:11:41.428 [2808:4412] start sylink failed: 99

2014/01/27 22:11:41.428 [2808:4412] failed to import sylink to client from GUI!

2014/01/27 22:11:49.355 [2808:4412] Update ProfileNow Request has been sent

Thanks again.
5. RE: Client Communication Issue

0 Recommend
Migration User
Posted Jan 27, 2014 10:21 PM

Reply Reply Privately
Yes, always has been, I am using SEP firewall.
6. RE: Client Communication Issue

0 Recommend
Rafeeq
Posted Jan 27, 2014 11:13 PM

Reply Reply Privately
Post the Sylink log please.
7. RE: Client Communication Issue

0 Recommend
Migration User
Posted Jan 27, 2014 11:22 PM

Reply Reply Privately
8014 port is open in bidirection?

check the connectivity.

http://management server address:8014/secars/secars.dll?hello,secars

Article

http://www.symantec.com/docs/HOWTO80742
8. RE: Client Communication Issue

0 Recommend
Broadcom Employee

pete
Posted Jan 27, 2014 11:27 PM

Reply Reply Privately
just wanted to reconfirm , when you image, you dont have SEP part of the image , is my understanding correct?
9. RE: Client Communication Issue

0 Recommend
ℬrίαη
Posted Jan 28, 2014 11:20 AM

Reply Reply Privately
Can you let the logging run thru a few heartbeats? May need more info here
10. RE: Client Communication Issue

0 Recommend
Migration User
Posted Feb 06, 2014 11:38 PM

Reply Reply Privately
Hello,

Could you please update the thread?

Endpoint Protection Small Business Edition

Client Communication Issue

Migration UserJan 27, 2014 09:49 PM

ℬrίαηJan 27, 2014 09:53 PM

Migration UserJan 27, 2014 10:03 PM

Migration UserJan 27, 2014 10:19 PM

Migration UserJan 27, 2014 10:21 PM

RafeeqJan 27, 2014 11:13 PM

Migration UserJan 27, 2014 11:22 PM

peteJan 27, 2014 11:27 PM

ℬrίαηJan 28, 2014 11:20 AM

Migration UserFeb 06, 2014 11:38 PM

1. Client Communication Issue

2. RE: Client Communication Issue

3. RE: Client Communication Issue

Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity

4. RE: Client Communication Issue

5. RE: Client Communication Issue

6. RE: Client Communication Issue

7. RE: Client Communication Issue

8. RE: Client Communication Issue

9. RE: Client Communication Issue

10. RE: Client Communication Issue