Hi All,

i created locatioon awareness policy for updating liveupdate definitions from internet when system is not in network. During testing we found that system can able to switch to the location defined, but doubt is whether user should manually launch liveupdate or it will automatically update.

i scheduled liveupdate as contnious in that policy. please clarify

Yes, it will connect automatically than and update. No need to launch manually.

how much it will take i connected data card in testing laptop and waited for 10 minutes. but not updated..why

Check this articles and check your configuration

How to configure mobile computers to automatically download virus definitions when disconnected from the Symantec Endpoint Protection Management console

Hi,

i already read that article, but i cant get what to set the time foe scheduling the live update

there is setting in case of conflict it will be default location.

can you check if the new location is in plce when moved from network?

Hi Pete,

Yes system can able to change location. but live update only is not happening..i ket the data card for 10 mins ling..but not updated..thats why i changed schedule as continous but not updated..

Can you look in or post the log.lue file (assuming a 12.1 client) for evidence of if the machine is trying to run a LU session while in the "outside" location.  The log.lue file location is in the belwo article:

http://www.symantec.com/docs/TECH168602

What version are you on?

Iam using 12.1 RU4 beta version for testing. if it worked out fine then i will deploy in my peoduction environment

Hi,

Please find the log file

Attachment(s)

log_15.zip   2 KB 1 version

There are separate forums for discussing issues with products still in beta testing.

In analysis though, the log indicates the first two LU attempts were cancelled:

"Received cancellation request at 2013/10/19 10:54:08.372
 Received cancellation request at 2013/10/19 11:40:52.081"

While the third attempt fails to detect the proxy server: 10.121.2.192:8080 and fails with a "WinHttp error: 12030".  This apparently means:

"The connection with the server has been reset or terminated, or an incompatible SSL protocol was encountered. For example, WinHTTP version 5.1 does not support SSL2 unless the client specifically enables it."

http://msdn.microsoft.com/en-us/library/windows/desktop/aa383770(v=vs.85).aspx

Hopefully, this should point you in the right direction, but I think you're meant to raise this on the beta forums rather than here.  It is generally not recommended that you go into production with a beta version of the software.

Hi,

Thanks iam not going for beta for production server. im justing doing testing only thats why i asked.

So one thing is whatever may be the time we scheduled, how symantec will know at which we should update definitions if it is not connected to management server?

its based on heartbeat and the LU policy configured, the SEP client will connect to source to requestthe download.

if SEPM is not avilable and it's the only source, till the client communicate to SEPM the content won't be downloaded.

Hi,

As i mentioned i want my clients to download content from internet when it is not able to connect to SEPM. Is there any best practice to configure the heart beat interval and live update schedule

Hi Srikant,

Please check whether you have removed proxy connection setting from liveupdate policy when you are connecting through data card.

plz check below setting for location switch.

And for this WAN location specific setting check and confirm that you have applied new liveupdate policy with proxy options disabled.

To recap then.

The log.lue file you posted appears to indicate your SEP client is connecting to Symantec LiveUpdate for its content and that the "external" location of yours is working correctly.

The frequency or schedule behind this LU session is controlled via the LU policy assigned to the "External" location.  As you have the schedule configured for "Continuous", the client should repeatedly run the LU session over and over again.

As the Location Switching appears to be working and the client is attempting to update from Symantec rather than your SEPM, you should be focussing your investigations on why it is unable to update (because it clearly is trying, according to the logs you posted).

Yes, absolutely agree with SMLatCST.

You should check why your client are not able to connect to Symantec Liveupdate over internet.

and one reason i doubt is the proxy setting you must have mentioned in liveupdate policy for switched location. becoz you are connecting through data card where your LAN proxy settings won't work for you.

Hi Avkash,

Thanks i will check that..then second doubt is in my case i had disabled both options for liveupdate schedule skipping..is that ok?

Yes, srikant no issue in disabling these two option for "WAN- Liveupdate policy".

Hi Guys,

Thanks..SEP update over internet is working for me..

Do you mean to say it's now fixed?  If so, that's great news 

As always, please mark any useful posts with a "Thumbs Up" or as the Solution to aid others who might be experiencing the same issues.