Endpoint Protection

I have installed SEP 11 and added the clients by IP adress. Afterwards I manage to install SEP on the clients through the server.

But one of the two clients have error. SEP is installed on the client, but it is not updated and even I try to update policy nothing happends

But on the server, if I try to right click on one of the clients and try to enable auto protect, it tells me that the selected client is not connected to the server. I have disabled simple file sharing on the client - but somehow it is also wired that I still manage to install SEP11 on the client, but are not able to connect to them through the server afterwards

This is the wrong forum (this is for ticketing software), but check to make sure the client can communicate with the server.  Since one client works and the other doesn't, it doesn't seem to be the server's problem.  You may want to try disabling Windows Firewall on the client that's having trouble, and confirm that you can contact your SEPM on TCP port 8014, which is the default.

If the SEP icon on the trouble client has no green circle, it is either unmanaged or is managed but cannot communicate with the server.  If it has a green circle, it is managed and communicating with the server.

If a client is "not updated," I assume you mean definitions are out of date.  But using the Update Policy command will not update content.  This option is for updating the configuration by requesting a new policy from the server, if a new policy exists.  If you want to update content, click the Fix button within the GUI.

The reason you might be able to install SEP but not communicate afterward is that different ports are used for installation (139 and 445, I think) than are used for communication (8014).

Moved to SEP forum

yes i agreed to mc that please check your windows firewall and if possible check for the communication ports, these only the issues,try to restart the client pc from the sepm and see wather it works or not.

There are 3 pc´s all running on windows sbs 2008. (one of them not yet installed)

I have started the pushed the installation to the clients through the server. And it is succesfully installed. But there is only the yellow shield on the pc´s - on the server where I also have installed it, there is the yellew shield icon + the green circle.

But as Far I could read, it means the clients are not manage through the server if the green circle is not in the shield - and that is what I would like they are

I have attached an image of the situation in the sep

Test client communication according to this KB:

http://www.symantec.com/business/support/index?page=content&id=TECH102682

Does the web page say 'OK'?  If so, the client can successfully connect to the server on TCP port 8014, which is necessary for client-server communication.  (If you used a custom port for some reason, replace 8014 with the custom port number.)

If the web page does not load and say 'OK,' then the client cannot communicate with the server.  Try turning off Windows firewall and/or any third-party firewalls.  Run the test again.  If it still fails, you may want to ask your network administrator if a network device or firewall is preventing the client on that network segment from contacting the server on that port.  It's possible the network administrator is restricting traffic.

Does this help?

disable windows firewall on the 2008 Server , if it is ON.

I add an exception for TCP 8014 rather than disable the firewall.  Works perfectly.

Here is a great article written by Prachand on troubleshooting Client communication.

https://www-secure.symantec.com/connect/articles/troubleshooting-client-commuincation

Keep us posted on your issue.

best,

Thomas

I just did the test on the server regarding

http://10.0.2.2:8014/secars?hello,secars
 

On the server is of course works and say OK

On the client the request just time out and the site can not be showed. So I guess it is a firewall problem on the server ? - right ?

Are you using the optional HTTPS for communications? If so, port 443 needs to be allowed.

If that fails to work, then try disabling the firewall as Rafeeq stated above.

Thomas

1. Turn Windows Firewall off on the server, then retest.  If it works now, the problem is the server's firewall.  Add port exceptions for TCP 8014 and turn the firewall on.  Retest -- it should still work.
2. If turning Windows Firewall off on the server does not resolve, turn it back on.  Then, on the client, turn off Windows Firewall and test as above.  If this resolves the issue, add a port exception for TCP 8014.  If this does not resolve the issue, proceed to Step 3.
3. Turn off both firewalls.  If this resolves the issue, add port exceptions for the server and for the client.  If the issue is not resolved with firewalls off on both client and server, a communication issue of some other kind may exist -- such as a network device restricting traffic.  In this case, contact your network administrator.

Does this help?

It was the firewall - now there is a green dot in the shield.

I installed the client, but somehow it wonders me that while sep is being installed it also connect to symantec ftp to download several signatures etc.

Isn´t the clients supposed to get those from the server as they are managed from there ? - afterwards the green dot is still in the shield, so there is a connection.

i was right, it was firewall ;)

for the liveupdate trying to connect external liveupdate server , you need to check your policy.

under liveupdate policy there is two options, user sepm or go to internet,

when you export a package, u export it with a policy, thats y its trying to go to internet as both options were checked, check it again, u will find external option checked ;)

The install runs LiveUpdate unless you add a switch to tell it not to run LiveUpdate.  If you run through an .msi manually, for example, you'll notice that LiveUpdate runs at the end.

You're correct that they should get it from the server, but the best practice for content is to create locations so that clients that cannot reach the management server use LiveUpdate to download from the internet.  Aside from the obvious security benefit, you also reduce bandwidth when clients come back to the network, since they're able to use smaller microdefs from the SEPM than if they were farther behind.