Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Gateway and LAN enforcer

Created: 05 Feb 2013 • Updated: 12 Feb 2013 | 6 comments
Jaredirk's picture
This issue has been solved. See solution.

We have 1 LAN and Gateway enforcer which is upgraded to 12.1 RU2.

I would like to know how will I connect the 2 enforcers to my SEPM and see them in the server lists?

Comments 6 CommentsJump to latest comment

SMLatCST's picture

In order to see the enforcers in the server list, ou must first connect them to your SEPM.  The below article should help:

http://www.symantec.com/docs/HOWTO81652

Jaredirk's picture

Hi,

The SEPM server can ping the enforcers and I can ping the SEPM server.

We had also configured on the enforcer the ip of the sepm, port and key

Base from the forums, the pre shared key of the enforcer and SEPM should be the same. this should be properly configured, the enforcers will automatically show on the admin>server lists without configuring from the server.. Is this correct?

My problem is, it might be the pre shared key but I don't exactly remember when that key was asked during the SEPM installation.

Since I'm using 12.1 RU2, is there a way to verify the pre shared key and to correct this?

Do I have to change the key in the enforcers?

Do I have to re-install the SEPM?

Thanks

SMLatCST's picture

Can you take a look at the below articles?  Is this the problem you're esxperiencing?

http://www.symantec.com/docs/TECH132455
http://www.symantec.com/docs/TECH152606
http://www.symantec.com/docs/TECH162054

As it states, you no longer have to know the encryption password set during the SEPM's installation, but use the hashed KCS from the Sylink.xml file to establish Enforcer to SEPM comms.

Jaredirk's picture

Does my enforcer login password should be the same with my SEPM password?

Or the smae with the encryption / hash hey?

Jaredirk's picture

Also, if I manage to remember the encryption password; the format would still be:

spm ip ________ group ________ http 8014 key ________

so for my understanding,

after the key part, I can use either the encryption or the hash key (kcs). Did i get it correctly? 

SMLatCST's picture

As far as I can tell, the command will be:

spm ip X.X.X.X group groupname http port keyhash kcsfromSylink

The below article shows the default login credentials for a SNAC appliance, if youve changed these and lost the password then you'll need to do a factory reset.

http://www.symantec.com/docs/HOWTO81740

The below article suggests the complexity requirements for the new password.

http://www.symantec.com/docs/HOWTO81716

SOLUTION