Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 7001 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC missing computer details and unable to apply policies

CFB

We recently had a hard drive failure on our Windows 2003 Sophos Enterprise Console 4.5 server and discovered that our backup was corrupt.  The server has been rebuilt (same host/doman and IP address) and I've installed SEC 4.7.

Existing client computers are unable to pickup definition updates.  I can see them SEC, but am not able to not collect computer details or send them policies (greyed out).

On one client computer I uninstalled the Antivirus, Updater and Management components, restarted, then reinstalled using a command line to the Sophos server share.  It is able to pickup updates, but no computer details are showing and I am unable to send it policies.

Windows Group Policy is opening the three standard Sophos ports (UDP & TCP) on the client computers.

:15357


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    The lack of certificates is the problem then.

    Are you able to paste here a router log from the client?

    In an ideal world the corresponding router log from the server also so we can see the client talking or not talking as it might be to the server?

    Restarting the router wil create a new log, to reduce the size, if you could restart the router and wait maybe 45 seconds that should be enough.

    I assume that the parentaddress value in the registry of the client is valid for the server? I.e.

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router \ParentAddress

    RouterNT.exe on the client can connect to TCP port 8192 and 8914 on the server?

    Ideally the server can connect to TCP port 8194 on the client?

    Can you telnet to port 8192 and 8194 of the server from the client?
    If so can you paste here the string returned from 8192? 


    Regards,

    Jak 

    :15659
Reply
  • 0

    Hi,

    The lack of certificates is the problem then.

    Are you able to paste here a router log from the client?

    In an ideal world the corresponding router log from the server also so we can see the client talking or not talking as it might be to the server?

    Restarting the router wil create a new log, to reduce the size, if you could restart the router and wait maybe 45 seconds that should be enough.

    I assume that the parentaddress value in the registry of the client is valid for the server? I.e.

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router \ParentAddress

    RouterNT.exe on the client can connect to TCP port 8192 and 8914 on the server?

    Ideally the server can connect to TCP port 8194 on the client?

    Can you telnet to port 8192 and 8194 of the server from the client?
    If so can you paste here the string returned from 8192? 


    Regards,

    Jak 

    :15659
Children
No Data