Video Screencast Help

Replication Failure on newly established server

Created: 06 Aug 2009 • Updated: 21 May 2010 | 16 comments
This issue has been solved. See solution.

Hi folks.

I am attempting to migrate an existing server to a new machine. I have followed the steps outlined in this article.
When I attempt to "Replicate now" on the NEW server in order to "pull" from the OLD server, this is the message I get:

August 6, 2009 12:58:49 PM EDT:  Replication from remote site My Site to local site NEW finished unsuccessfully  [Site: NEW]  [Server: AVS-V1]
August 6, 2009 12:58:49 PM EDT:  Unable to reach remote Site [My Site]: Failed to connect to the server.

Make sure that the server is running and your session has not timed out.
If you can reach the server but cannot log on, make sure that you provided the correct parameters.
If you are experiencing network issues, contact your system administrator. ErrorCode: 0x80020000  [Site: NEW]  [Server: AVS-V1]
August 6, 2009 12:58:49 PM EDT:  Failed to connect to the server.

Make sure that the server is running and your session has not timed out.

If you can reach the server but cannot log on, make sure that you provided the correct parameters.
If you are experiencing network issues, contact your system administrator. ErrorCode: 0x80020000  [Site: NEW]  [Server: AVS-V1]
August 6, 2009 12:58:49 PM EDT:  Got a mis-matched Certificate.  [Site: NEW]  [Server: AVS-V1]
August 6, 2009 12:58:49 PM EDT:  Replication from remote site My Site to local site NEW being initiated  [Site: NEW]  [Server: AVS-V1]



I have confirmed connectivity between the two servers, both by simple pinging/telnetting and by literally logging in to one server from the other's console.
I adjusted memory heap settings per another useless KB article, no change. Services and Servers have been started and restarted all to no avail.

Also, replication the "other" way, executed on the OLD server, go off without a hitch. 

Both servers running 11.0.4202.75

So what do you think?

Comments 16 CommentsJump to latest comment

Vikram Kumar-SAV to SEP's picture

You version is it 11.0.4202.xx or 11.0.1xxx.xxxx

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

Jeremy Dundon's picture

In each case it was because one server (generally the new one) was installed via RDP or Dameware.

Or because the replication is configured via RDP. 

This may not be what you are experiencing, but it happens often enough that I feel it important to mention.

Document for your reference:
Installing, Managing, Replicating SEP or SEPM in an RDP or Dameware session is expected to fail.
http://service1.symantec.com/SUPPORT/ent-security....

Matt G.'s picture

 Hahahaha, you're kidding me...

Well, FWIW, the "acid test" of checking the System Info page shows the correct user... 

I guess I can reinstall using /console then eh?

Thanks, will give it a shot.

Jeremy Dundon's picture

Sometimes, going to add/remove programs and doing a 'repair' while in session 0 (or console) will resolve this, without uninstall/reinstall.

Matt G.'s picture

 Well, the install randomly stopped accepting passwords about an hour ago. No matter what I put in fails and results in an account lockout.

Going to reinstall from console session and try it again. Wish me luck.

Matt G.'s picture

No change.

Same behavior...

Any ideas? 

Also, I should mention that the initial replication works. No subsequent ones do. Also I can't get the clients to "switch" to the new server. They keep going back to the old one no matter what is in the policy.

Thanks for the help!

gilbert08's picture

does they have the same version?is the network connection is stable?I tried before the replication and i got no problem.just make just all requirements are good such as hw,sepm version and ports as well.

Matt G.'s picture

 Ports are open (firewalls disabled), they're on the same GigE switch.

One is a Hyper-V VM running on Server08DC, running Server08Std. The other is a physical machine (of the same make, model and configuration as the machine hosting the VM). (I don't think that has anything to do with anything)


John_Prince's picture

Any proxies in use in your network?

For possibly more information, I would check the following log:

\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\replication-0.log.

Remote Product Specialist, Business Critical Services, Symantec

Matt G.'s picture

No proxies, here's the entire contents of that log:

2009-08-07 08:58:53.819 SEVERE: ================== Server Environment ===================
2009-08-07 08:58:53.819 SEVERE: os.name = Windows Vista
2009-08-07 08:58:53.819 SEVERE: os.version = 6.0
2009-08-07 08:58:53.851 SEVERE: os.arch = x86
2009-08-07 08:58:53.851 SEVERE: java.version = 1.5.0_15
2009-08-07 08:58:53.851 SEVERE: java.vendor = Sun Microsystems Inc.
2009-08-07 08:58:53.851 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
2009-08-07 08:58:53.851 SEVERE: java.vm.version = 1.5.0_15-b04
2009-08-07 08:58:53.851 SEVERE: java.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jdk\jre
2009-08-07 08:58:53.851 SEVERE: catalina.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat
2009-08-07 08:58:53.851 SEVERE: java.user = null
2009-08-07 08:58:53.851 SEVERE: user.language = en
2009-08-07 08:58:53.851 SEVERE: user.country = US
2009-08-07 08:58:53.851 SEVERE: scm.server.version = 11.0.4202.75
 
Matt G.'s picture

Have opened a ticket with Symantec but I am having no luck. They sent me some documents on how to configure replication, and it is already configured properly, I don't understand why this isn't working...

Any other ideas???

Thanks! 

Matt G.'s picture

 Oh, I should add, that I am able to replicate FROM the NEW to the OLD, but not FROM THE OLD to the NEW...

I've checked and double checked that there are no firewalls or anything else blocking network communication...

I have no idea what is causing this.

Newuser03's picture

I have come to the conclusion from these forums Symantev AV is ----. Sorry i cannot help, i have my own problems with the product.

Matt G.'s picture

The issue was "Mismatched Certificate"

We ended up having to copy the Keystore file from the old server to the new one, open the XML file to find the password, and add the cert to the new server. After this, everything replicated fine.

I feel silly :P 

SOLUTION
Shanth K's picture

 I got a similar problem today. After doing some analysis, I found that remote server was pointed through IP address and that server's IP got changed through DHCP (by oversight, I haven't created a reservation). I was running all connectivity checks through name and hence all tests were succeeding except replication. Now changed the remote server field with name instead of IP and replication succeeded.