Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 12178 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring SEC 4.7 without internet connection

Fpo69

Hi all,

I have to configure an EC 4.7 in a network without internet connection.

I have a SEC 4.5 server in the internet zone. I have configured a new subscription to download the 9.7 antivirus

Every day, a copy of Warehouse  and cids is made from internet zone to production zone

I have followed the procedure to confgure SEC 4x in air-gapped network, but it doesn't work : http://www.sophos.com/support/knowledgebase/article/64899.html

The warehouse folder \\xxx\sophosupdate is not up to date, only few files are copied from \\xxx\sophosupdatemanager and no CID folder is created

Thanks for your help

:14479


This thread was automatically locked due to age.
  • 0

    Hello Fpo69.

    does the air-gapped server show any error in the Update Managers view? Please check the applicable SUMTrace log - it should show why the "download" stops.

    Christian

    :14489
  • 0

    There's no error message in the Sumtrace log.

    Each time it copies the same number of files (370files) in the sophosupdate share

    Fabrice

    :14499
  • 0

    Hello Fabrice,

    as you said you connected 4.5 server has a subscription to 9.7 it should be available. Did you also subscribe to 9.7 on the 4.7 server? What's the status in the Update manager view on your SEC4.7 and the Software subscription status in the update manager details view?

    Using logviewer.exe (in the Sophos\Enterprise Console\SUM view could you perhaps copy and post the lines corresponding to an update attempt (roughly the same timestamp).

    Christian

    :14507
  • 0

    Hello Christian,

    I'm not able to subscribe to 9.7 on the 4.7 server. When I want to choose the subscription . When I want to "view/edit subscription" to choos 9.7, it prompt me to configure the "download security soft wizard". 

    But I cannot configure it because I don't have an internet connection.

    In the SUM config I configure the sources as \\xxxx\sophosupdatemanager with the appropriate credentials

    Fabrice

    :14509
  • 0

    Fabrice,

    can't remember what the wizard is asking (it's too long ago that I've used it :smileyhappy:) but I don't think that you need a connection to complete it. Furthermore if you have configured the updating source (you shouldn't need credentials as this is a local share) the list of products should be available anyway.

    Try to complete the wizard (ignore its complaints). It should then be possible to configure the subscription.

    Christian 

    :14515
  • 0

    Christian,

    Impossible to continue with the wizard without internet connection.

    So I configure directly the source in update manager. 

    Is there another way to retrieve the products's catalog

    Thanks

    Fabrice

    :14549
  • 0

    Hello Fabrice,

    you are right, you have to cancel the Wizard at this point (which I did after entering some random credentials and waiting for the check to time out). Dunno if other means to exit the wizard (going <Back or just closing the window - is this possible?) make a difference.

    As you might already guess I've played it through. Using \\AirGappedServer\SophosWarehouse as primary source (and after tons of warnings) it "downloads" metadata and SUM software to \\AirGappedServer\SophosUpdate\Warehouse as expected - 379 files.

    The Update managers view says Never for Last updated and Last checked at ... for Download status. The Recommended subscription to the left can be opened and contains the list of products with none selected. I've selected 9.7, got another warning that I'm not updating from Sophos and saved it. Then in View/Edit Configuration tab Subscriptions moved Recommended to the right pane and saved the configuration. Download status switches to Downloading binaries (some 900 files are copied to the Warehouse) and after a short while to Last checked at ... and now Last updated contains a timestamp.

    This is how it has to work (I don't say should :smileywink:).

    HTH

    Christian

    :14555
  • 0

    Christian,

    What are the ohers 9 files ? the "catalog" folder ?

    I really don't understand why it doesn't work :smileysad:

    Thanks

    Fabrice

    :14567
  • 0

    Hm, probably. Now thinking about it - SEC47 might not "like" the catalog information in the SEC45 warehouse. At the moment I've no idea how to make it accept the catalogs (if this is the cause).

    [Edit]

    Wonder why it is copying all these files and then apparently not finishing the job. I've already zilched my test installation (had to use it for other purposes) so I can't check what SUM writes to the SUMTrace log - but I expect it does write. So could you empty the target warehouse so it "downloads" again and then check the SUMTrace logs?  

    And I think Support should be able to answer whether using the SEC45 warehouse as source for the SEC47 should work or not. 

    [/Edit]

    Christian

    :14571
  • 0

    I think you're right and I'll test installing a SEC 4.7 on a VM with internet access, download 9.7 updates and copy them to production.

    I'll be back in 2 weeks and I hope I'll have good news.

    Thanks for your help

    Fabrice

    :14577