Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 92 replies
  • Subscribers 6 subscribers
  • Views 573652 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Failed To Download Update / Could not contact primary server

cminus

This morning, the Sophos icon displayed an X in the center of the shield but wasn't grayed out, and the first entry on the menu was a grayed out "Failed To Download Update".  Choosing "Update Now" causes the Sophos AutoUpdate Status window to open, briefly display the "downloading" bar, then end with "Could not contact primary server" and "Authentication Error" followed by the date and time.  Looking into the console, I see that early this morning there were a number of messages regarding Sophos, almost all of them along the following lines: "3/19/15 7:28:22.685 AM SophosSXLD[137]: [SMESXLInterface.m:437] no DNS addresses found", and similar messages appear to go back to at least March 13.

Is there a problem with the Sophos server, and if so what's the prognosis?  Or is it something with my computer, and if so what should I do?  I'm running Sophos Home Edition 9.2.4 (Threat detection engine 3.58.1, Threat data 5.12) on a Mac running OSX 10.9.5.

:1020416


This thread was automatically locked due to age.
Parents
  • 0

    Hi CGY

    Unforutnately this issue has been popping up here and there over the last week, and in order for us to investigate, I need you to run some troubleshooting commands, and send the results back to me. It

    Step 1 TCP Capture a Failed Update

    1. Spotlight search "terminal" and press enter.

    2. Copy and paste this command and press enter: ifconfig

    • make note of the 'active' interfact name
    • in the example below, the active interface is en0
    • you will need to know the active interface for the next step

    Note: It's best to do the next steps as quickly as possible, otherwise the tcpcapture will genrate an extremely large file, which could cause issues when attempting to email the file. I would recommend reading through all the steps before you proceed. 

    4. Copy and paste the below command into the terminal. Replace <interface> with the number from step 1. For example, mine would look like this:  sudo tcpdump -w capture.pcap -s 0 -i en0 port 80

    sudo tcpdump -w capture.pcap -s 0 -i <interface> port 80

    5. When you are ready to start, hit enter

      • If prompted for a password, enter your admin password (same as you use to install software on your mac)

    6. Click the Sophos sheild icon and click on Update Now

    7. As soon as the update fails, go back to your terminal window and hit control-c or command-c to quit the capture

    8. This will create a file on your hard drive called capture.pcap. Spotlight search for this file and email it to me > serra@sophos.com

    Step 2 Run the following commands 

    1. Go back to the terminal and copy the following lines, one line at a time, and press 'enter' at the end of each line

    traceroute -I dci.sophosupd.com

    ping -c 5 dci.sophosupd.com

    dig @208.67.222.222 myip.opendns.com +short

    2. Copy and paste the output of these commands into the email, along with the tcp capture above.

    Hopefully that makes sense, if you need any help just let me know. 

    :1021341
Reply
  • 0

    Hi CGY

    Unforutnately this issue has been popping up here and there over the last week, and in order for us to investigate, I need you to run some troubleshooting commands, and send the results back to me. It

    Step 1 TCP Capture a Failed Update

    1. Spotlight search "terminal" and press enter.

    2. Copy and paste this command and press enter: ifconfig

    • make note of the 'active' interfact name
    • in the example below, the active interface is en0
    • you will need to know the active interface for the next step

    Note: It's best to do the next steps as quickly as possible, otherwise the tcpcapture will genrate an extremely large file, which could cause issues when attempting to email the file. I would recommend reading through all the steps before you proceed. 

    4. Copy and paste the below command into the terminal. Replace <interface> with the number from step 1. For example, mine would look like this:  sudo tcpdump -w capture.pcap -s 0 -i en0 port 80

    sudo tcpdump -w capture.pcap -s 0 -i <interface> port 80

    5. When you are ready to start, hit enter

      • If prompted for a password, enter your admin password (same as you use to install software on your mac)

    6. Click the Sophos sheild icon and click on Update Now

    7. As soon as the update fails, go back to your terminal window and hit control-c or command-c to quit the capture

    8. This will create a file on your hard drive called capture.pcap. Spotlight search for this file and email it to me > serra@sophos.com

    Step 2 Run the following commands 

    1. Go back to the terminal and copy the following lines, one line at a time, and press 'enter' at the end of each line

    traceroute -I dci.sophosupd.com

    ping -c 5 dci.sophosupd.com

    dig @208.67.222.222 myip.opendns.com +short

    2. Copy and paste the output of these commands into the email, along with the tcp capture above.

    Hopefully that makes sense, if you need any help just let me know. 

    :1021341
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?