Client status is not updated
Created: 05 Feb 2013 | 10 comments
We deploy SEP client successfully to a server in another domain, it shows deployment has been completed. log onto this server, SEP has been installed. But Last Connected is blank, and SEPM Server is offline. We also cannot find this SEP client server name on SEPM.
We run update policy and check the connection by netstat command, found that it is connecting to 8014 port.
Our question is:
1. Is this problem caused by network port restriction ?
2. What ports SEP needs to connect to SEPM server ,so that SEP client can be managed properly?
3. What ports SEP needs to connect to LUA server for definition and others download?
Discussion Filed Under:
Comments 10 Comments • Jump to latest comment
Troubleshooting Client Communication with SEPM
Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity
2. What ports SEP needs to connect to SEPM server ,so that SEP client can be managed properly?
Which Communications Ports does Symantec Endpoint Protection use?
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Find the attach blog
It help you for troubleshooting aobut offile clients
https://www-secure.symantec.com/connect/blogs/troubleshoot-method-offline-clients
Regards
Sumit G.
Hello,
Our question is:
1. Is this problem caused by network port restriction ?
Could be.
2. What ports SEP needs to connect to SEPM server ,so that SEP client can be managed properly?
TCP port 80, 8014 Communication between the SEP manager and SEP clients and Enforcers. (8014 in MR3 and later builds, 80 in older). The 11.x product line uses IIS. The 12.x product line uses Apache.
TCP port 2638 Communication between the Embedded Database and the SEP Manager.
3. What ports SEP needs to connect to LUA server for definition and others download?
TCP port 80, 8014
http://www.symantec.com/docs/TECH163
In your case, could you please collect the sylink.log and upload it to us to understand the root cause of the issue -
How to enable Sylink debugging for the Symantec Endpoint Protection 11.x and 12.1 client in the Windows Registry
http://www.symantec.com/docs/TECH104758
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
1. Is this problem caused by network port restriction ? Yes ( Most of the times port 8014 willbe blocked)
2. What ports SEP needs to connect to SEPM server ,so that SEP client can be managed properly?
on the client open the sylink.xml file. 6th line will have SEPM server name and port used for communication enable that.
3. What ports SEP needs to connect to LUA server for definition and others download?
it should be on 7070
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Dear All
Please refer to below log
Does it mean
http://SER-SEPM.corp.oocl.com:8014 is not accessible ? any other port problem
02/06 17:50:37.070 [2952] http://SER-SEPM.corp.oocl.com:8014
02/06 17:50:37.070 [2952] 17:50:37=>Send HTTP REQUEST
02/06 17:50:45.837 [2268] SyLinkCreateConfig => Created instance: 01C72658
02/06 17:50:45.837 [2268] Importing ConfigObject: 01CD9440 into: 01C72658
02/06 17:50:58.197 [2952] 17:50:58=>HTTP REQUEST sent
02/06 17:50:58.197 [2952] 12029=>The attempt to connect to the server failed.
02/06 17:50:58.197 [2952] 17:50:58=>QUERY return code
02/06 17:50:58.197 [2952] 17:50:58=>QUERY return code completed
02/06 17:50:58.197 [2952] SMS return=0
02/06 17:50:58.197 [2952] 0=>Uninterpreted Status
02/06 17:50:58.197 [2952] ERR to query content length
02/06 17:50:58.197 [2952] Content Lenght =>
02/06 17:50:58.197 [2952] HTTP returns status code=0
02/06 17:50:58.197 [2952] RECEIVE STAGE COMPLETED
02/06 17:50:58.197 [2952] COMPLETED, returned 5
02/06 17:50:58.212 [2952] HEARTBEAT: Check Point 5.1
02/06 17:50:58.212 [2952] switch to another server
02/06 17:50:58.212 [2952] HEARTBEAT: Check Point 9
02/06 17:50:58.212 [2952] HEARTBEAT: Check Point 8
02/06 17:50:58.212 [2952] going to post event=EVENT_SERVER_DISCONNECTED
02/06 17:50:58.212 [2952] done post event=EVENT_SERVER_DISCONNECTED, return=0
02/06 17:50:58.712 [2952] HEARTBEAT: Check Point 1
02/06 17:50:58.712 [2952] HEARTBEAT: Check Point 2
02/06 17:50:58.712 [2952] going to post event=EVENT_SERVER_CONNECTING
02/06 17:50:58.712 [2952] done post event=EVENT_SERVER_CONNECTING, return=0
02/06 17:50:58.712 [2952] HEARTBEAT: Check Point 3
02/06 17:50:58.712 [2952] Setting the session timeout on Profile Session (Registration) to 30000
02/06 17:50:58.728 [2952] HEARTBEAT: Check Point 4
02/06 17:50:58.728 [2952] ===Registration STAGE===
02/06 17:50:58.728 [2952] logon id (domain/user)=LocalComputer/Administrator
02/06 17:50:58.728 [2952] Loading current group:My Company\TEST_GROUP
02/06 17:50:58.728 [2952] Loading preferred group:My Company\TEST_GROUP
02/06 17:50:58.728 [2952] Loading preferred mode:1
02/06 17:50:58.728 [2952] It's a client which has never registered to server, it should use the settings in sylink.xml, PreferredGroup is My Company\TEST_GROUP, PreferredMode is 1
02/06 17:50:58.728 [2952] It will remember both current group and mode, PreferredGroup is My Company\TEST_GROUP, PreferredMode is 1
02/06 17:50:58.728 [2952]
HI,
Are you able to telnet 8014 ?
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi,
On how many machines are you facing this issue?
If its on only one machine then try to replace the sylink file and check if it comunicates. Then you can try to delete the system proxy and check if it communicates.
Are you able to do a telnet on port 8014 from client side?
- MASH
Hello,
Make sureSEPM server should be able to connect LUA server on port 8080 ( default for LUA)
In SEPM-Admin-Servers-Local Site-Properties-Liveupdate-Source Server.
add the distribution address for LUA server.
it would be something like http://< name or ip of LUA server/Clu-Prod:8080
And in SEPM-Liveupdate-Policies
Make sure only Default Management Server (SEPM) is selected
In this way you will acheive what you want.
Internet -> LUA->SEPM -> All Clients
Please find the link for all sep related port.
http://www.symantec.com/business/support/index?pag...
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
is there firewall between?
is proxy in between the client and SEPM?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
According to log the client is getting timeout while trying to register to SEPM:
02/06 17:50:58.712 [2952] Setting the session timeout on Profile Session (Registration) to 30000
02/06 17:50:58.197 [2952] 12029=>The attempt to connect to the server failed.
- any proxy in between these machines?
- have a look at similar threads:
https://www-secure.symantec.com/connect/forums/sym...
https://www-secure.symantec.com/connect/forums/sep...
- try this as well:
Open registry
Browse to
\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections and export the connections folder to a memorable location.
- backup registry
Then browse to
\HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections and delete the following keys.
DefaultConnectionSettings
SavedLegacySettings
Would you like to reply?
Login or Register to post your comment.