Endpoint Protection Small Business Edition

 View Only
Back to discussions
Expand all | Collapse all

SEPM 11.0.6 Policy Numbers are different between clients and servers

Migration User

Migration UserMar 24, 2011 12:27 PM

 Here is a longer SyLink monitor log...

  • 1.  SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 11:25 AM

    Clients are not updating their definitions from the server.

     

    I have just discovered that policy numbers are different. The server has the latest one.



  • 2.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 24, 2011 11:32 AM

    Please check:

    1. Do the clients have green dots?

    2. What is the status of the server in SEP client interface (help and support -> troubleshooting). Does it indicate server's name, IP or offline?

    3. Run SylinkMonitor on client and past the log to analyse what is the issue between client and server:

    http://www.symantec.com/business/support/index?page=content&id=TECH104758&locale=en_US



  • 3.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 11:39 AM

    Check this good article on Troubleshooting Client Communication -

    https://www-secure.symantec.com/connect/articles/troubleshooting-client-commuincation



  • 4.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 12:09 PM
      |   view attached

    On the client, the SEP status is offline. Some clients have the green dot, even though the logon client is different from the one currently logged on.

     

    I have attached the log from the SyLink monitor. I greatly appreciate your assistance

    Attachment(s)

    txt
    error_5.txt   13 KB 1 version


  • 5.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 12:27 PM
      |   view attached

    Here is a longer SyLink monitor log...

    Attachment(s)

    txt
    main_sylink_monitor.txt   53 KB 1 version


  • 6.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 12:43 PM

    ...as an extra thing. I have noted the APIPA 169.254 address... I have disabled the connection that was giving this but still with the same error.



  • 7.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 24, 2011 12:43 PM

    Check to make sure your Windows firewall is turned off on the manager.



  • 8.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 24, 2011 02:57 PM

    Have you already tried to export sylink.xml from Manager and copy it to client?
    If not, please try this:
    Restoring communication to clients with a new Sylink.xml file
    http://www.symantec.com/business/support/index?page=content&id=TECH106288

    Then, if you still experience this issue, please try this document (you have the same errors destribed in this document):
    Symantec Endpoint Protection Signature verification FAILED for Index File Content
    http://www.symantec.com/business/support/index?page=content&id=TECH102900



  • 9.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 02:14 AM

    I verified that the Windows Firewall is off. (The Symantec Manager is on Windows 2008 R2 Enterprise)

    I Followed the instructions from W-d but the clients still do not get the updates and the serial numbers are still different. The client can be deleted from the clients in the console, but will successfully check in and reappear in the console still with the old updates and different policy number.

     



  • 10.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 25, 2011 03:23 AM

    If this did not solve the problem, please try this document:

    Signature verification FAILED for Index File Content - Clients are green in the SEPM, but show offline.
    http://www.symantec.com/business/support/index?page=content&id=TECH93740

    Let me know if this helps



  • 11.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 07:34 AM

     

    Try to remove the legacy connection settings in the registry and check if you have the same error as mentioned below in the Sylink log:

    Error found in the Sylink log:

    "03/24 18:24:27 [5856] <GetIndexFileRequest:>Send Request failed.. Error Code = 12029

    03/24 18:24:27 [5856] <ParseErrorCode:>12029=>The attempt to connect to the server failed."
     
    ********************
    Locate and backup this registry key:
    Locate HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
     
    Then, remove these two entries:
    HKEY_USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
    HKEY_USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
     
    Reboot and see if it makes any difference.

     



  • 12.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 07:55 AM

    This too is NOT working. I still hope that things will turn better with the many solutions you r giving me.



  • 13.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 08:01 AM

    WIll try out the removing legacy and come back soon....



  • 14.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 11:06 AM

    Still no luck.. maybe reinstallation of the whole thing might work



  • 15.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 25, 2011 11:10 AM

    Launch this command in Internet Explorer on client side:

    http://the_IP_of_Manager:8014/secars/secars?hello,secars

     

    Do you receive OK or any error message?



  • 16.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 11:33 AM

    I do see a big OK message in my web browser. Maybe a reinstallation can do. But i really needed to see what the problem is. 



  • 17.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 25, 2011 12:08 PM

    Solved. I edited the LiveUpdate policy and assigned to one group. THen i copied the SyLink.xml to one client. things are now fine on that client. I have tested with another client.. the SyLink.xml does the magic. I now need to find a way to have this Sylink.xml file on the rest of the clients... anything here???



  • 18.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 25, 2011 01:04 PM

    As mentioned in the document I posted before (http://www.symantec.com/business/support/index?page=content&id=TECH106288) there is a tool SylinkReplacer to deploy sylink.xml remotely to clients. In order to obtain a tool, you will need to open a ticket with TechSupport (can do by webpage -> https://mysupport.symantec.com)

    Here you have details about the tool itself:
    Using the "SylinkReplacer" Utility
    http://www.symantec.com/business/support/index?page=content&id=TECH105211



  • 19.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Posted Mar 26, 2011 04:53 AM

    I got the tool. On windows 7 client, it seems not to work. The message is network path not found. Has to do with enabling the Admin$ c$ on win7.



  • 20.  RE: SEPM 11.0.6 Policy Numbers are different between clients and servers

    Broadcom Employee
    Posted Mar 28, 2011 04:39 AM

    The default admin$ share is used to drop files on clients and is required on clients for this tool to run properly

    If you unzip the tool, you will find the SylinkReplacer1.1.pdf among the files. You can find more useful information there.