SEPM replication partner
Created: 06 Sep 2012 | Updated: 11 Sep 2012 | 10 comments
This issue has been solved. See solution.
I have a main Symantec Endpoint Protection Manager (SEPM1), and I have set up a replication partner on a server in my DR (SEPMDR). I can see from the management server that replication is being done.
I stopped the Symantec Endpoint Protection Manager service to be able to test SEPM1. There is a client installed on SEPM1. On SEPMDR I can see that the client on SEPM1 has connected, but when I check the actual client (Help and Support > Troubleshooting) there is no green dot. Is this normal?
What test can I do on the SEPMDR to check that clients have connected? If SEPM1 is unavailable for 2-3 days, will the clients update normally?
Any tip or link will be very helpful.
"there is no green dot. Is this normal?"
Yes, if the Management Server List is not set for that group, the client will not fall back to the other SEPM.
Create a management server where priority 1 is the existing SEPM and priority 2 is the DR SEPM.
check this article to create a MSL
http://www.symantec.com/business/support/index?page=content&id=HOWTO55402
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hi,
Have you configured failover between replication?
What is Management Server List and how to configure Failover between replication partners using embedded database.
https://www-secure.symantec.com/connect/articles/w...
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi,
Replication enables data to be duplicated between databases on separate sites so that both databases contain the same information. If one database fails, you can manage the entire site by using the information on the database from another site.
After configuring replication please set Management Server List (MSL) with the correct priority for failover.
By default, the management servers are assigned the same priority when configured for failover and load balancing. If you want to change the default priority after installation, you can do so by using the Symantec Endpoint Protection Manager console. Failover and load balancing can be configured only when a site includes more than one management server.
What test can I do on the SEPMDR to check that clients have connected? If SEPM1 is unavailable for 2-3 days, will the clients update normally?
--> You are testing in the correct way; however, the green dot should stay on the client to receive the latest updates.
Check following articles as well:
Description of the different shield icon statuses in the System Tray for Symantec Endpoint Protection
http://www.symantec.com/docs/HOWTO55020
How replication works
http://www.symantec.com/docs/HOWTO55328
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
Dear Chetan,
Management Server List has already been configured as per extract from sylink.xml below:
<ServerList Name="New Management Server List">
  <ServerPriorityBlock Name="Priority1">
    <Server Address="198.16.4.57" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
  <ServerPriorityBlock Name="Priority2">
    <Server Address="198.20.4.57" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
</ServerList>
Have I set the priority correctly? 198.16.4.57 is the main SEPM.
I saw that clients do fail over on the SEPMDR; some clients appear with a green dot on SEPM and some as 'The client can communicate with Symantec Endpoint Protection Manager at another site'. But still, when I check the client, Help and Support > Troubleshooting > Server is Offline.
The strange thing though is that when I check the policy serial number in the SEPMDR, there is no serial number at all. Is this normal? Is there a way for me to remedy this?
Please find report from sylink monitor:
09/07 13:51:38 [3004] <GetIndexFileRequest:>SMS return=500
09/07 13:51:38 [3004] <ParseHTTPStatusCode:>500=>500 INTERNAL SERVER ERROR
09/07 13:51:38 [3004] HTTP returns status code=500
09/07 13:51:38 [3004] <GetIndexFileRequest:>RECEIVE STAGE COMPLETED
09/07 13:51:38 [3004] <GetIndexFileRequest:>COMPLETED
09/07 13:51:38 [3004] <IndexHeartbeatProc>GetIndexFile handling status: 500
09/07 13:51:38 [3004] <IndexHeartbeatProc>Switch Server flag=1
09/07 13:51:38 [3004] HEARTBEAT: Check Point 5.1
09/07 13:51:38 [3004] <ScheduleNextUpdate>new scheduled heartbeat=2048 seconds
09/07 13:51:38 [3004] HEARTBEAT: Check Point 8
09/07 13:51:38 [3004] Get Next Server!
09/07 13:51:38 [3004] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
09/07 13:51:38 [3004] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
09/07 13:51:38 [3004] <IndexHeartbeatProc>====== IndexHeartbeat Procedure stops at 13:51:38 ======
09/07 13:51:38 [3004] <IndexHeartbeatProc>Set Heartbeat Result= 1
09/07 13:51:38 [3004] <IndexHeartbeatProc>Sylink Comm.Flags: 'Connection Failed' = 1, 'Using Backup Sylink' = 0, 'Using Location Config' = 0
09/07 13:51:38 [3004] <IndexHeartbeatProc>Connection Failed! No. of tries = 1
09/07 13:51:38 [3004] Use new configuration
09/07 13:51:38 [3004] HEARTBEAT: Check Point Complete
09/07 13:51:38 [3004] <IndexHeartbeatProc>Done, Heartbeat=2048seconds
09/07 13:51:38 [3004] </CSyLink::IndexHeartbeatProc()>
Any help will be much appreciated.
Hi,
Compare the Sylink.xml files of the clients which are online and offline.
The MSL mentioned above seems to be correct; however, it should be applied to all the groups/clients.
The MSL is the same on the other SEPM, right?
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
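Comparing the Management Server List in the Sylink.xml of an online and an offline client, as suggested in the reply above, shown as an added example that is not part of the thread and not Symantec code. ONLINE is the extract posted earlier, OFFLINE is constructed for the example, and `load_msl` / `diff_msl` are hypothetical helper names.

```python
import re
import xml.etree.ElementTree as ET

# ONLINE is the extract posted in this thread; OFFLINE is constructed for the
# example (a client whose sylink.xml never received the Priority2 block).
ONLINE = """<ServerList Name="New Management Server List">
  <ServerPriorityBlock Name="Priority1">
    <Server Address="198.16.4.57" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
  <ServerPriorityBlock Name="Priority2">
    <Server Address="198.20.4.57" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
</ServerList>"""
OFFLINE = """<ServerList Name="New Management Server List">
  <ServerPriorityBlock Name="Priority1">
    <Server Address="198.16.4.57" HttpsVerifyCA="0" VerifySignatures="1" />
  </ServerPriorityBlock>
</ServerList>"""


def load_msl(xml_text):
    """Map each ServerList name to {(priority, address): other attributes}."""
    lists = {}
    # iter() also matches the root, so a bare extract or a full file both work.
    for server_list in ET.fromstring(xml_text).iter("ServerList"):
        servers = {}
        for block in server_list.iter("ServerPriorityBlock"):
            m = re.search(r"(\d+)$", block.get("Name", ""))
            priority = int(m.group(1)) if m else -1  # -1: unparsable block name
            for server in block.iter("Server"):
                attrs = dict(server.attrib)
                servers[(priority, attrs.pop("Address", ""))] = attrs
        lists[server_list.get("Name", "")] = servers
    return lists


def diff_msl(online_xml, offline_xml):
    """List the MSL differences between an online and an offline client."""
    a, b = load_msl(online_xml), load_msl(offline_xml)
    findings = []
    for name in sorted(set(a) | set(b)):
        sa, sb = a.get(name, {}), b.get(name, {})
        for prio, addr in sorted(set(sa) | set(sb)):
            where = f"{name!r} priority {prio} server {addr}"
            if (prio, addr) not in sb:
                findings.append(f"{where}: missing from offline file")
            elif (prio, addr) not in sa:
                findings.append(f"{where}: missing from online file")
            elif sa[(prio, addr)] != sb[(prio, addr)]:
                findings.append(f"{where}: attributes differ")
    return findings
```

On real clients, read each Sylink.xml as bytes and pass the contents to `diff_msl`; an empty result means the two clients hold the same server list and the cause lies elsewhere.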
Dear Chetan,
The MSL is the same on the main SEPM and the replication partner. Is this the correct way to do it?
Please find error report from sylink monitor:
<GetIndexFileRequest:>SMS return=503
<ParseHTTPStatusCode:>503=>503 SERVICE NOT AVAILABLE
[3004] HTTP returns status code=503
What could be the cause of the problem?
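The two sylink monitor reports posted above can be triaged mechanically, as in this added example (not part of the thread and not Symantec code): it extracts the HTTP status, switch-server flag, heartbeat interval and disconnect event, and separates a 5xx answer, which shows the SEPM was reached, from no HTTP answer at all. The function names and verdict labels are assumptions of this example.

```python
import re

# LOG_500: lines copied from the first sylink monitor report in this thread.
# LOG_503: the later report, which was posted without timestamps.
LOG_500 = """\
09/07 13:51:38 [3004] <GetIndexFileRequest:>SMS return=500
09/07 13:51:38 [3004] HTTP returns status code=500
09/07 13:51:38 [3004] <IndexHeartbeatProc>Switch Server flag=1
09/07 13:51:38 [3004] <ScheduleNextUpdate>new scheduled heartbeat=2048 seconds
09/07 13:51:38 [3004] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
09/07 13:51:38 [3004] <IndexHeartbeatProc>Connection Failed! No. of tries = 1
"""
LOG_503 = """\
<GetIndexFileRequest:>SMS return=503
[3004] HTTP returns status code=503
"""

PATTERNS = {
    "status": re.compile(r"HTTP returns status code=(\d{3})"),
    "switch": re.compile(r"Switch Server flag=(\d)"),
    "heartbeat": re.compile(r"new scheduled heartbeat=(\d+) seconds"),
    "event": re.compile(r"done post event=(\w+)"),
    "tries": re.compile(r"Connection Failed! No\. of tries = (\d+)"),
}


def summarize(log_text):
    """Collect every captured value per pattern, in log order."""
    found = {key: [] for key in PATTERNS}
    for line in log_text.splitlines():
        for key, rx in PATTERNS.items():
            m = rx.search(line)
            if m:
                found[key].append(m.group(1))
    return found


def diagnose(found):
    """Turn a summary into a coarse verdict for failover troubleshooting."""
    codes = [int(c) for c in found["status"]]
    if any(500 <= c <= 599 for c in codes):
        return "server_error"  # SEPM answered, so the network path works
    if codes and all(c == 200 for c in codes):
        return "ok"
    if found["tries"] and not codes:
        return "no_http_response"  # nothing answered: check the network path
    return "inconclusive"
```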
Hi,
Q. MSL is the same on the main SEPM and replication partner. This is the correct way to do it?
--> It's correct.
Do one thing: replace the Sylink.xml of the offline machines and re-check whether failover is taking place or not.
After replacing sylink.xml the client must come online with a green dot. If not, then there is a communication problem.
Restoring communication to clients with a new Sylink.xml file
http://www.symantec.com/business/support/index?page=content&id=TECH106288
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
Check this video also.
Replication Concepts and Configuration
https://www-secure.symantec.com/connect/videos/rep...
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.
I have been able to solve the problem.
All I had to do is copy everything in the folder C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent from the main server to the replication server.
Hi,
Check whether the SEP clients are able to telnet?
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents