Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 6 subscribers
  • Views 9250 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos - unable to download updates

roydeep

Hi,

 
I am using Sophos Anti-Virus Version 8.0.14C on my MacBook Pro running Mountain Lion OSX 10.8.3.
 
I am unable to download updates from the Sophos primary server. On trying to update, it gives an error message: "Could not contact primary server"
 
On viewing the Sophos Anti-Virus log, I see the following:
 
com.sophos.autoupdate: Updating catalogue information at 14:05:25 27 May 2013
com.sophos.autoupdate: Catalogue updated at 14:05:30 27 May 2013
com.sophos.autoupdate: Error: Failed to get remote version at 14:05:30 27 May 2013
com.sophos.autoupdate: Error:Could not contact primary server at 14:05 on 27 May 2013
com.sophos.autoupdate: URL is invalid
 
So could you please provide me the IP address of the primary server from where it downloads the updates so that I can check if there is some problem at my end which is preventing access for some reason? Could you please identify the server names and ports that are being used for the Anti-Virus update? I have tried to get the info using Wireshark on my Mac. However I am unable to locate the server IPs in the Wireshark capture and hence cannot identify which port may be getting blocked.
 
Looking forward to your response at the earliest please.

Best Regards

:1012274


This thread was automatically locked due to age.
Parents
  • 0

    Hi roydeep,

    Unfortunately your screenshot didn't come through, but I can guess what it looks like.

    The Mac home edition performs updates over HTTP, which uses port 80. Everything starts with a connection to http://dci.sophosupd.com. After that it will connect to different servers (in the sophosupd.com or sophosupd.net domains) as needed. All of this content is hosted on Akami.

    The home edition only connects to Sophos for updates (which is why the "Use secondary location" option is not available). Each install will generate its own unique credentials (which will explain why different machines show different strings).

    Common updating problems are usually related to your machine's access to the Internet through filtering devices or proxies or other HTTP filtering software. Do you use an authenticating proxy? Check your System Preferences, Network, Advanced, Proxies panel for details.

    If you are familiar with Wireshark or tcpdump, getting a trace of the network traffic during an update is very revealing and usually beneficial.

    :1012296
Reply
  • 0

    Hi roydeep,

    Unfortunately your screenshot didn't come through, but I can guess what it looks like.

    The Mac home edition performs updates over HTTP, which uses port 80. Everything starts with a connection to http://dci.sophosupd.com. After that it will connect to different servers (in the sophosupd.com or sophosupd.net domains) as needed. All of this content is hosted on Akami.

    The home edition only connects to Sophos for updates (which is why the "Use secondary location" option is not available). Each install will generate its own unique credentials (which will explain why different machines show different strings).

    Common updating problems are usually related to your machine's access to the Internet through filtering devices or proxies or other HTTP filtering software. Do you use an authenticating proxy? Check your System Preferences, Network, Advanced, Proxies panel for details.

    If you are familiar with Wireshark or tcpdump, getting a trace of the network traffic during an update is very revealing and usually beneficial.

    :1012296
Children
No Data