Endpoint Protection

 View Only
  • 1.  "Failed to contact Symantec Endpoint Protection."

    Posted Aug 23, 2017 02:49 PM

    Hello All,

    I stopped and restarted the symcfgd service using the command "/etc/init.d/symcfgd stop" and "/etc/init.d/symcfgd start".

    All the services came back up again (symcfgd, smcd, and rtvscand), but I began to get this error message when running "./sav manage -s" and "./sav manage -h":

    "Failed to contact Symantec Endpoint Protection."

    This is from a server that appeared to be working correctly before.

    I verified that server could ping the SEPM manager and did a telnet to port 8014 on SEPM and port 7070 on the LiveUpdate server, and it connected no problem.

    This is baffling me what could have gone wrong.

    The server is running redhat 7.4, the SEP client is 12.1.7061.6600

    Any ideas?

    PG



  • 2.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 23, 2017 02:52 PM

    I would start by running SymDiag on it to see what it shows in terms of warnings/errors.

    -Brian



  • 3.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 23, 2017 02:57 PM

    Paul,  please check if the version is supported with the SEP you installed.  I have this issue before with my RHEL 7.3 and when SEP 14 released they supported my version.  Hope this help.



  • 4.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 24, 2017 09:48 AM

    Brian - the SymDiag tool threw this error:

    Checking for updates via HTTPS
    Failed to download via HTTPS
    Please check internet connection or Contact Symantec Support.

    This system doesn't have a direct internet connection anyway - it's supposed to check into a local LiveUpdate server for updates.

    I'm suspicious of the network connectivity. The system stopped checking in at the same time I disabled firewalld to do some troubleshooting - the last check-in time was the exact same time firewalld was disabled. Re-enabling it didn't bring it back to life.

     

    Checky04 - all of our other RHEL servers are at the same kernel #, so I think the issue is specific to this particular server

     



  • 5.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 24, 2017 11:08 AM

    Just a thought - is there any special tweaks that need to be added to firewalld to get the SEP client working correctly?



  • 6.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 24, 2017 11:15 AM

    The client communicates with SEPM over tcp 8014.



  • 7.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 24, 2017 11:26 AM

    I got that part - telnet can connect with the SEPM over 8014 - I was wondering if some service or something has to be enabled in firewalld locally to allow the Symantec services to get out to the SEPM



  • 8.  RE: "Failed to contact Symantec Endpoint Protection."

    Posted Aug 24, 2017 03:06 PM

    Another thing I noticed, the one server I'm having the most issues with has Java 8 Update 144 installed, and others that are working better have 8 Update 131 installed instead - would that suggest a java compatibility problem?