SEP client showing offline in troubleshouting but online on SEPM
Created: 19 Sep 2011 | 14 comments
HI,
I m having windows 2008 Terminal server, with SEP 11 MR6 installed.It is not showing server details in troubleshouting, status is "offline" , but showing online in SEPM console and definition updating too. I just want to know why it is showing offline in troubleshouting and any solution on that.
Discussion Filed Under:
Comments
Hi, Check can you find
Hi,
Check can you find multiple entries for same machine under SEPM .
Have you tried by replacing sylink.xml ?
Thanks and Regards,
Chetan Savade
Technical Support Analyst,
End Point Security, Enterprise Technical Support
yes..replaced sylink, also
yes..replaced sylink, also restarted but still showing offline.
hi
There is nothing wrong in that, u would have followed this document
http://www.symantec.com/connect/sites/default/files/SEP%20on%20Terminal%20Servers.pdf
check if those registry fixed are applied, if yes the only in the troubleshooting section it will say Offline
however it will communicate and get udpates without any issues,
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Hi
Thanx...
But sometimes it is not getting updates, and i have to restart that server then it is showing definition is updated.
i have tried SEP Support tool, it is showing SRTSP and NAVCORP_70 are of old dated.
it is very deficult to find out the exact issue whya it is not updated.
is there any specific service or port to be allowed in inbound/outbound?
hi
it says 13th SEP is latest defs it has in c program data, virus defs folder howerver sep is not using it
do a update policy or click on clear corrupt defs link, once u clear the defs, observer for few days, its should udpate automatically
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
In logs it is showing 13 th
In logs it is showing 13 th Sept is latest but in SEP client showing 4th Sept under antivirus and antispy protection and out of date Antivirus definition error with yellow screen.
hi
yes its telling 13th is the latest but no one is using it , so its in yellow
clear all the corrupt defs,
start - run
smc -stop
smc -start
check if new defs get used,
http://www.symantec.com/business/support/index?page=content&id=TECH103176
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Hi
Same problem after a couple of week.
Do you mean defintion not
Do you mean defintion not updated or the SEP not showing green dot?
did you try to restart the smc service?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
There are latest definition
There are latest definition present in Virusdef folder but i have to rastart server, then only it showing latest definition on sep client window.
Do you see any event in the
Do you see any event in the application event viewer related to the error message of Symantec Antivirus?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Can you collect the sylink
Can you collect the sylink logs from the client, that will give us a clear picture. and as you are telling that the latest defs are present then please collect the debug logs from the client side and if possible add it to the thread.
Attached syslog on that
Attached syslog on that server.
We need sylink.log not the
We need sylink.log not the syslog server log.
Well since its terminal server so it would be like that it won't show if its online/offline from client system.
Well as you said sometimes it updates and sometimes it doesn't.
I would suggest you to either allow it to connect directly to SEPM to take defs (if GUP is assigned)
Or amy be network issues the defs might have got delayed. What version of SEP is installed on this server ?
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Would you like to reply?
Login or Register to post your comment.