Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP 12.1.2: Clients can't communicate with SEPM

Created: 11 Apr 2013 | 11 comments
MIXIT's picture

Hi all. 

Figures, I've been able to install and manage some SEP 12.1.2 deployhments at customer sites, but at my own site, I can't get clients to talk to SEPM and I'm not sure why. 

I have 3 client systems I'm working with and one SEPM server, all on same local subnet. 

Clients:

  • Win XP Pro, has been running Unmanaged SEP 11 for a long time
  • Win7 Pro - fresh install
  • Win8 Pro - Fresh install (with the KB2781197-removal workaround applied)
  • 3 Win2008 R2 Enterprise servers (1 as the host, two as VM's within)

SEPM:

  • Installed on 2008 R2 Enterprise server, which is a VM in a non-domain environment. 
  • VM host is also 2008 R2 Enterprise as mentioned above

Problem:

The Win XP and Win8 machines cannot communicate with SEPM.  Under Troubleshooting in the client UI, it shows them as Never connected to the server (over port 8014). 

 

The Windows 7 laptop CAN communicate, as can the host and VMs as well.  Again, SEPM is in a VM for what that's worth. 

The fact that the external laptop can do so should tell me that I don't need to worry about firewall settings etc for the VM running SEPM, right? 

The SEPM install is compmletely default, I haven't even created any policies or anything yet. 

Correction:  After discovering this issue, I edited the default Firewall policy to include the Local Subnet as a blanket Allow All policy. 

I ran SymHelp which I'm new to, which doesn't seem to test network communications issues since none of the feedback it gave seemed to relate to anything network-oriented.  It was all local SMC services and so on.  Actually I'll run it again and post results here. 

So my question is this, how do I go about troubleshooting this one?  A new Win8 system can't communicate, an old XP system can't, but a mew;u omsta;;ed Win7 can?  All using the same SEPM intall package?  (well, the XP was a 32bit). 

Thanks all. 

 

Operating Systems:

Comments 11 CommentsJump to latest comment

.Brian's picture

You need to enable sylink logging and you can post the log here

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SMLatCST's picture

"Thumbs Up" to Pete's and Brian's posts above.  Both suggestions would aid us in helping you.  Just FYI, the article to enable sylink logging is below:

http://www.symantec.com/docs/TECH104758

Rafeeq's picture

secars test is the best, whats the result of it?

 

Testing Communication from an Endpoint Protection client to the Endpoint Protection Manager

 

http://www.symantec.com/business/support/index?page=content&id=TECH102682

most of the times it will be widows firewall on the clinet machine. or port 8014 being blocked from firewall like ISA. 

MIXIT's picture

Thanks guys.  I'll review this info on Monday.  Also an update, turns out the Windows 7 laptop can't communicate either.  Of the 3 systems outside the VM environment (but on same subnet still), the Win7 laptop shows as having connected once, and this was only back when I first installed the client.  The other two say Never, but in all cases nobody can currently do so. 

Will post again on Monday. 

Ambesh_444's picture

Hi,

 

please check with this.

https://www-secure.symantec.com/connect/articles/sep-121-ru2-and-reset-client-communication

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

SameerU's picture

Hi

Please check whether you are able to telnet to SEPM server on port 8014

Regards

 

MIXIT's picture

Hi all,

Sorry, I have been meaning to get back to this thread. 

Ok, secars test failed (rather, nothing happened).  Web Browser on client system simply coul dnot reach the page requested (or DLL call I believe). 

Telnet to port 8014 did not work. 

I was thinking firewall too, but this is a system with Windows Firewall turned Off for all connection types.  I also tried it with the WFW services turned off too, same result.  Also disabled SEP's NTP, although NTP is completely default anyway so shouldn't block SEP client communications. 

Nothing showing in the Event Logs on the server hosting SEPM. 

Also I enabled logging in the apache access.log file - nothing of value in there gets logged (at least nothing in plain network-admin speak - I'm not a programmer though). 

I also tried sylink logging (debug function from the client I believe it was? memory failing me tonight) - nothing of value logged.  Will re-do that and post log tomorrow. 

I have yet to review the various links you guys have posted in the replies above, so will also do that tomorrow. 

Thank you for everything so far, sorry we haven't narrowed it down yet. 

Rafeeq's picture

is the client on 8014 port or different one. secars will work only if you mention the correct port number used by client.

it will be only firewall which is  blocking the connection. should not be windows firewall but may be a network firewall like ISA.

enable sylink it will give you HTTP port.

AjinBabu's picture

 

Hi, 

Is the communication port (default 8014) is open form client to SEPM?

Using Telnet you can check the port.

Regards

Ajin