Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 1 subscriber
  • Views 60991 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

problem with connected computer not showing as connected

Jvuz

Hello,

I'm having a problem with one of our machines. It is connected, but doesn't show as connected in the console. The firewall isn't on and I can ping the ip-address. And it seems the machine is till doing his update, probably via the sophos server (I set it up to be the second update server) instead of our server. What could it be?

Jo

:13235


This thread was automatically locked due to age.
Parents
  • 0

    (Post edited by Mod to update port number in step 4. )

    Hi,

    The connected state is really an indication that the Sophos Message Router service (RouterNT.exe) on the client has logged on to the Sophos Message Router Service (RouterNT.exe) on the management server.  The Router initiates logon and logoff messages to do this.

    I will assume that the other machines are ok, in which case it will be a problem with the client exclusively I would think.


    As long as on the client:
    1. The Sophos Message Router has a valid certificate:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private\pkc

    and
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private\pkp

    Note: if you delete these 2 keys on the client (don't on the server :) ) and restart the router, the client will re-request new certificates.  You could try that, this would indicate much of RMS is working. 

    2.  Has the correct parent address:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\ParentAddress


    3. The Sophos Message Router service is started.

    4.  The client can connect to TCP 8192 and TCP 8194 of the parent Router.  Ideally the server can also connect to TCP 8194 of the client to ensure faster responsiveness of downstream messages from server to client.


    So restarting the Sophos Message Router service on the client should force a log back on and update the connected state of the machine in SEC if all the above is correct.

    The main logs to check are on the client under:
    "\ProgramData\Sophos\Remote Management System\3\Router\Logs\" (2003+ or documents and settings for older OS).

    A new file is created each time the router starts or when they get to 1MB in size. I would also check that for failure to log on. Note: The server router should have corresponding messages it its router log for the client.

    Hope this helps,

    Regards,

    Jak

    :13239
Reply
  • 0

    (Post edited by Mod to update port number in step 4. )

    Hi,

    The connected state is really an indication that the Sophos Message Router service (RouterNT.exe) on the client has logged on to the Sophos Message Router Service (RouterNT.exe) on the management server.  The Router initiates logon and logoff messages to do this.

    I will assume that the other machines are ok, in which case it will be a problem with the client exclusively I would think.


    As long as on the client:
    1. The Sophos Message Router has a valid certificate:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private\pkc

    and
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\Private\pkp

    Note: if you delete these 2 keys on the client (don't on the server :) ) and restart the router, the client will re-request new certificates.  You could try that, this would indicate much of RMS is working. 

    2.  Has the correct parent address:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router\ParentAddress


    3. The Sophos Message Router service is started.

    4.  The client can connect to TCP 8192 and TCP 8194 of the parent Router.  Ideally the server can also connect to TCP 8194 of the client to ensure faster responsiveness of downstream messages from server to client.


    So restarting the Sophos Message Router service on the client should force a log back on and update the connected state of the machine in SEC if all the above is correct.

    The main logs to check are on the client under:
    "\ProgramData\Sophos\Remote Management System\3\Router\Logs\" (2003+ or documents and settings for older OS).

    A new file is created each time the router starts or when they get to 1MB in size. I would also check that for failure to log on. Note: The server router should have corresponding messages it its router log for the client.

    Hope this helps,

    Regards,

    Jak

    :13239
Children
No Data