Scenario: Currently have a Sophos Update Manager on the DMZ that all the DMZ servers get there updates from The situation is that I need all the DMZ servers to report back to the Sophos Enterprise Console for reporting The ports are open on the DMZ for 8192 and 8194 back to the Sophos Update Manager on the DMZ server but it needs to report back internally to the Sophos Enteprise Console in our internal network My thoughts are that we need to create the Sophos Update Manager on the DMZ server as a Message Relay Server so it can report back to the Sophos Enterprise Console. From the DMZ server back to the Sophos Enterprise Console server the ports are already open for 8192 and 8194 Do I need to create a message relay server on the SUM DMZ server? If so, how do I do that? After I believe that we need to change the registry values, if we need to create a message relay server on the DMZ Change registry values on the message relay From reading the sophos article below, I need to change the registry values on the Message Relay server Article 50832 Message relay server (DMZ) = 10.x.x.x; WORKGROUP and on the DMZ Sophos Internal Management Server - IP Address = 172.16.xx.xx; Computer Name = SophosMgmtServer; Apart of the Domain. Example from the Sophos Website of the registry a) To immediately affect the service: Modify the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Message Router\ImagePath to the following (all one line): "C:\Program Files\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBDottedDecimalAddresses 0 -ORBListenEndpoints iiop://:8193/ssl_port=8194 &hostname_in_ior=MR.domain.com Restart the Message Router service on the message relay. b) To make the change persistent when an RMS update/reinstall occurs: Modify the key HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Messaging System\Router\ServiceArgs to the following (all one line): -ORBDottedDecimalAddresses 0 -ORBListenEndpoints iiop://:8193/ssl_port=8194 &hostname_in_ior=MR.domain.com Not really sure what the values mean, If I could get some help to enter the values in red This is what I think may need to be change but not reallty sure? If anyone could confirm? -ORBDottedDecimalAddresses 0 &hostname_in_ior=SophosMgmtServer Change the mrinit.conf on the DMZ servers Example on the sophos website: MRParentAddress"="192.168.0.3,[Console-FQDN],[Console-HOSTNAME]" "ParentRouterAddress"="MR.domain.com" Example what I think needs to be done, in my environment MRParentAddress"="172.16.x.x,[Console-FQDN],[Console-HOSTNAME]" "ParentRouterAddress"="10.x.x.x" If anyone could help out that would be great - thanks :56795

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Message Relays on a DMZ

Scenario:

Currently have a Sophos Update Manager on the DMZ that all the DMZ servers get there updates from

The situation is that I need all the DMZ servers to report back to the Sophos Enterprise Console for reporting

The ports are open on the DMZ for 8192 and 8194 back to the Sophos Update Manager on the DMZ server but it needs to report back internally to the Sophos Enteprise Console in our internal network

My thoughts are that we need to create the Sophos Update Manager on the DMZ server as a Message Relay Server so it can report back to the Sophos Enterprise Console. From the DMZ server back to the Sophos Enterprise Console server the ports are already open for 8192 and 8194

Do I need to create a message relay server on the SUM DMZ server? If so, how do I do that?

After I believe that we need to change the registry values, if we need to create a message relay server on the DMZ

Change registry values on the message relay

From reading the sophos article below, I need to change the registry values on the Message Relay server

Article 50832

Message relay server (DMZ) = 10.x.x.x; WORKGROUP and on the DMZ

Sophos Internal Management Server - IP Address = 172.16.xx.xx; Computer Name = SophosMgmtServer; Apart of the Domain.

Example from the Sophos Website of the registry

a) To immediately affect the service:

Modify the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Message Router\ImagePath
to the following (all one line):

"C:\Program Files\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBDottedDecimalAddresses 0 -ORBListenEndpoints iiop://:8193/ssl_port=8194&hostname_in_ior=MR.domain.com

Restart the Message Router service on the message relay.

b) To make the change persistent when an RMS update/reinstall occurs:

Modify the key HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Messaging System\Router\ServiceArgs to the following (all one line):
-ORBDottedDecimalAddresses 0 -ORBListenEndpoints iiop://:8193/ssl_port=8194&hostname_in_ior=MR.domain.com

Not really sure what the values mean, If I could get some help to enter the values in red

This is what I think may need to be change but not reallty sure? If anyone could confirm?

-ORBDottedDecimalAddresses 0

&hostname_in_ior=SophosMgmtServer

Change the mrinit.conf on the DMZ servers

Example on the sophos website:

MRParentAddress"="192.168.0.3,[Console-FQDN],[Console-HOSTNAME]"
"ParentRouterAddress"="MR.domain.com"

Example what I think needs to be done, in my environment

MRParentAddress"="172.16.x.x,[Console-FQDN],[Console-HOSTNAME]"
"ParentRouterAddress"="10.x.x.x"

If anyone could help out that would be great - thanks

This thread was automatically locked due to age.

Parents

0 QC over 10 years ago

Hello slee,
Software delivery failed
belongs to the SUM component which you manage from the Update managers view. - do not confuse it with the Endpoint component managed from the Endpoints view with a group Updating policy.
The Sources tab tells SUM where to get the "raw" updates from, potentially different versions and for different platforms. The Source could be any valid source but usually it's either your main SUM or Sophos. Thus in your case the credentials must be valid for accessing the primary SUM.
Software delivery failed
can have a number of causes. If it doesn't magically resolve itself start with the Update managers view, right-click and select View Update Manager Details. This should describe the error in more detail. Perhaps this is not sufficient and the next step would be checking the logs with Logviewer (while the 80040401 article does not apply it should give you an idea how to do this).
Christian
:56802
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 10 years ago

Hello slee,
Software delivery failed
belongs to the SUM component which you manage from the Update managers view. - do not confuse it with the Endpoint component managed from the Endpoints view with a group Updating policy.
The Sources tab tells SUM where to get the "raw" updates from, potentially different versions and for different platforms. The Source could be any valid source but usually it's either your main SUM or Sophos. Thus in your case the credentials must be valid for accessing the primary SUM.
Software delivery failed
can have a number of causes. If it doesn't magically resolve itself start with the Update managers view, right-click and select View Update Manager Details. This should describe the error in more detail. Perhaps this is not sufficient and the next step would be checking the logs with Logviewer (while the 80040401 article does not apply it should give you an idea how to do this).
Christian
:56802
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data