Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Subscribers 12 subscribers
  • Views 9310 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Management Communication won`t work

Tobias Kittsteiner

Hello,

I am sorry for asking again but I have another problem regarding the communication between Sophos Endpoint and Sophos Central.

 

In our network we use an user authenticated proxy to connect to the internet.

I created a special user for the connection between the endpoints and Sophos Central. This user authenticates on the proxy without any problems.

 

These are the setting in Sophos Central:

After configuring the Proxy in Sophos Central I downloaded the windows client and installed it on several devices.

Unfortunately these devices can`t communicate with Sophos Central:

 

The PCs itself have access to the internal network and to the external internet.

As soon as I connect the PCs to an external network (without proxy) the communication establishes and works without problems.

 

Are there any errors I made regarding the configuration?

-I inserted our proxy settings with tested credentials into Sophos Central

-After this I downloaded the client software and installed it on our PCs

-The PCs can connect to the internet but the endpoint software seems to ignore the proxy settings

-I also tried this solution but without any effect

 

Thank you for your help!



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Tobias Kittsteiner

    Hello Tobias Kittsteiner,

    no problem.
    You say that updating (that AFAIK should use the same proxy) does work?

    Christian

  • 0 in reply to Tobias Kittsteiner

    I tried a clean reinstall of Sophos endpoint on a new PC.

    Still I receive errors regarding the proxy authentication:

     

    [11592] INFO  [connect: system proxy] trying proxy prx.COMPANY.de:8080

    [11592] INFO  GET mcs-cloudstation-eu-central-1.prod.hydra.sophos.com:443/.../ep

    [11592] INFO  407 Proxy Authentication Required: sent=0 rcvd=0 elapsed=4ms

     

    Is there another option to set the Authentication?

    I configured successfully tested proxy credentials into Sophos Central. I even tried four different credentials (After every change I reinstalled Sophos endpoint)

    All of my test PCs have a proper connection to the internet. All of them use the same proxy with the same authentication credentials (I test with the same user on all machines). Other software like Microsoft Office, various Browsers, Putty... can connect to the internet without any problems.

    The proxy authentication works via Integrated Windows Authentication (Active Directory). This means I only have to set the proxy address and port in the internet settings like this:

  • 0 in reply to QC

    Yes, the updates are working properly.

  • 0 in reply to Tobias Kittsteiner

    Hello Tobias Kittsteiner,

    I'm not a Central user so unfortunately I have no detailed knowledge of MCS or MCS vs. AutoUpdate. The article Shweta referred to also mentions AutoUpdate besides MCS Client. I'm somewhat surprised that one works but not the other (but then they might not share the same code).

    I'm always inquisitive and personally I'd give the custom log level a try (whether there's a request by Support or not [;)]) - dunno if indeed the 0 in the example is indeed debug. Of course you could open a ticket with Support. There's only one setting for both AU and MCS and I'm not aware of documented differences or limitations.

    Christian

  • +1 in reply to QC

    Out of interest, do you have a server that could act as a message relay, then allow the server out without going through the proxy in some way?

    This way, the clients should message via that.  Just an idea.  

    Regards,
    Jak

  • 0 in reply to jak

    Hello all!

     

    After I tried several options and configurations (including reinstall of the endpoints many, many times) I created a update cache and relay server.

    Our firewall specialist configured the ports 8190 and 8191 for the relay server.

    After that I am able to distribute the updates and configurations to the whole test environment.

     

    Thank you for your efforts!!

Unfiltered HTML