Hi all. 

Figures, I've been able to install and manage some SEP 12.1.2 deployhments at customer sites, but at my own site, I can't get clients to talk to SEPM and I'm not sure why. 

I have 3 client systems I'm working with and one SEPM server, all on same local subnet. 

Clients:

• Win XP Pro, has been running Unmanaged SEP 11 for a long time
• Win7 Pro - fresh install
• Win8 Pro - Fresh install (with the KB2781197-removal workaround applied)
• 3 Win2008 R2 Enterprise servers (1 as the host, two as VM's within)

SEPM:

• Installed on 2008 R2 Enterprise server, which is a VM in a non-domain environment. 
• VM host is also 2008 R2 Enterprise as mentioned above

Problem:

The Win XP and Win8 machines cannot communicate with SEPM.  Under Troubleshooting in the client UI, it shows them as Never connected to the server (over port 8014). 

The Windows 7 laptop CAN communicate, as can the host and VMs as well.  Again, SEPM is in a VM for what that's worth. 

The fact that the external laptop can do so should tell me that I don't need to worry about firewall settings etc for the VM running SEPM, right? 

The SEPM install is compmletely default, I haven't even created any policies or anything yet. 

Correction:  After discovering this issue, I edited the default Firewall policy to include the Local Subnet as a blanket Allow All policy. 

I ran SymHelp which I'm new to, which doesn't seem to test network communications issues since none of the feedback it gave seemed to relate to anything network-oriented.  It was all local SMC services and so on.  Actually I'll run it again and post results here. 

So my question is this, how do I go about troubleshooting this one?  A new Win8 system can't communicate, an old XP system can't, but a mew;u omsta;;ed Win7 can?  All using the same SEPM intall package?  (well, the XP was a 32bit). 

Thanks all. 

check this link about communication troubleshooting

http://www.symantec.com/docs/TECH160964

You need to enable sylink logging and you can post the log here

"Thumbs Up" to Pete's and Brian's posts above.  Both suggestions would aid us in helping you.  Just FYI, the article to enable sylink logging is below:

http://www.symantec.com/docs/TECH104758

secars test is the best, whats the result of it?

Testing Communication from an Endpoint Protection client to the Endpoint Protection Manager

http://www.symantec.com/business/support/index?page=content&id=TECH102682

most of the times it will be widows firewall on the clinet machine. or port 8014 being blocked from firewall like ISA. 

Thanks guys.  I'll review this info on Monday.  Also an update, turns out the Windows 7 laptop can't communicate either.  Of the 3 systems outside the VM environment (but on same subnet still), the Win7 laptop shows as having connected once, and this was only back when I first installed the client.  The other two say Never, but in all cases nobody can currently do so. 

Will post again on Monday. 

try this,

http://www.symantec.com/business/support/index?page=content&id=HOWTO55017

Hi,

please check with this.

https://www-secure.symantec.com/connect/articles/sep-121-ru2-and-reset-client-communication

Hi

Please check whether you are able to telnet to SEPM server on port 8014

Regards

Hi all,

Sorry, I have been meaning to get back to this thread. 

Ok, secars test failed (rather, nothing happened).  Web Browser on client system simply coul dnot reach the page requested (or DLL call I believe). 

Telnet to port 8014 did not work. 

I was thinking firewall too, but this is a system with Windows Firewall turned Off for all connection types.  I also tried it with the WFW services turned off too, same result.  Also disabled SEP's NTP, although NTP is completely default anyway so shouldn't block SEP client communications. 

Nothing showing in the Event Logs on the server hosting SEPM. 

Also I enabled logging in the apache access.log file - nothing of value in there gets logged (at least nothing in plain network-admin speak - I'm not a programmer though). 

I also tried sylink logging (debug function from the client I believe it was? memory failing me tonight) - nothing of value logged.  Will re-do that and post log tomorrow. 

I have yet to review the various links you guys have posted in the replies above, so will also do that tomorrow. 

Thank you for everything so far, sorry we haven't narrowed it down yet. 

is the client on 8014 port or different one. secars will work only if you mention the correct port number used by client.

it will be only firewall which is  blocking the connection. should not be windows firewall but may be a network firewall like ISA.

enable sylink it will give you HTTP port.

Hi, 

Is the communication port (default 8014) is open form client to SEPM?

Using Telnet you can check the port.

Regards

Ajin