Endpoint Protection

 View Only

  • 1.  Telnet fails but SEP11 client works

    Posted Aug 13, 2012 04:21 PM

    Hi

    This is a strange one (for me anyway). I have some clients running SEP11 which are talking fine to their SEPMs.  However a telnet test on port 8014 fails.

    Any idea why this is? Is the client able to use a different port?  I have also run the secars test using http and port 8014 and that work fine.

    What I need to know really is whether telnet on 8014 is still a good standard test of comms or if I need to incoude other ports as well.

    Thanks,



  • 2.  RE: Telnet fails but SEP11 client works

    Posted Aug 13, 2012 05:57 PM

    We don't allow telnet for obvious security reasons. Perhaps the same in your case?



  • 3.  RE: Telnet fails but SEP11 client works

    Posted Aug 13, 2012 08:16 PM

    HI,

    Yes some security reasonr telnet and ping not allowed.telnet blocked by your network team on ACL.so you are not able telnet.



  • 4.  RE: Telnet fails but SEP11 client works

    Broadcom Employee
    Posted Aug 13, 2012 08:16 PM

    telnet service would have stopped



  • 5.  RE: Telnet fails but SEP11 client works

    Posted Aug 14, 2012 03:09 AM

    well it depends from where you are acually trying to do the telnet..  on the SEPM server port 8014 would be in listning state hence you should be able to do telent on port 8014 on the SEPM server, however if you try to telnet to a client it wont work, because the client uses any random available port to communicate to the SEPM, but on the SEPM it communicates on a standard 8014 port, hope this answers your question. This all logic is applicable only when you are sure that there is no firewall blocking the telent and the telent service is up and running.

    Please mark the thread as resolved once you get the expected answer :)



  • 6.  RE: Telnet fails but SEP11 client works

    Posted Aug 14, 2012 03:28 AM

    In case ping is blocked... try "netstat -an" at client end..



  • 7.  RE: Telnet fails but SEP11 client works

    Posted Aug 14, 2012 06:53 AM

    If the above is not the reason. check the below artice and see if the port was changed.

    http://www.symantec.com/business/support/index?page=content&id=TECH106489

     



  • 8.  RE: Telnet fails but SEP11 client works
    Best Answer

    Posted Aug 14, 2012 09:13 AM

    That is an odd one.  For my money, I'd be curious to find out if you use a proxy in your environment, and if the SEP Client traffic (and obviously http traffic) from your endpoints is being routed through the proxy.

    This should be easy enough to tell via the browser for the logged on user's session, but would require enabling sylink logging if you wanted to find out if SEP was doing the same (under the SYSTEM account).

    As it stands though, the secars test is clearly more reliable.  Telnet'ing port 8014 is just quicker/easier that rummaging out the secars URL is all, and still serves as a useful preliminary indicator.  There are no other ports used for client communications (unless you have a custom configuration).



  • 9.  RE: Telnet fails but SEP11 client works

    Posted Aug 14, 2012 10:50 AM

    Thanks for all the replies - a lot of good information, and all of them together have pointed me in the right direction.

    What I have found out is that telnet is indeed blocked on the firewall, but the 8014 port is open.  So in this case the secars test is definitely more useful.  However that test is itself reliant on IE using an internal proxy.

    So ultimately a successful secars test is the one to have.

    Thanks everyone.