Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 9116 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise Console/Software Restrictions

tkul88

Hi all,

Having a problem with getting our Sophos endpoints up and running.

If a client is protected with the endpoint software and a user logs in that has software restriction GPO's applied to it, something blocks access to Internet browsing.

I've narrowed it down to a single GPO that contains the software restrictions, and if they are disabled (or changed to unrestricted) then the user can browse the Internet.

The message that appears is that the browser cannot connect to the proxy server.

Is there a clash somewhere? or a setting that needs amending?

I've tried fully disabling all policies but there still isn't any connection.

Strangely, as an Admin I can browse the Internet if I run Chrome with my credentials, but I'm assuming it's because there are no active software restrictions imposed on my account, and the proxy settings are taken from the registry.

Sophos Enterprise Console 5.1
Windows Domain - Standard users no admin rights

Thanks in advance 
Tom

:46331


This thread was automatically locked due to age.
Parents
  • 0

    Spoke too soon,

    Just logged into the server to try and start up the SEC and it fails to open with the below error;

    System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TimeoutException: Client is unable to finish the security negotiation within the configured timeout (00:09:59.9843999).  The current negotiation leg is 1 (00:09:59.9843999).   ---> System.TimeoutException: The request channel timed out while waiting for a reply after 00:09:59.9219995. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. ---> System.TimeoutException: The HTTP request to 'soay/.../EncryptionFrontEnd' has exceeded the allotted timeout of 00:09:59.9370000. The time allotted to this operation may have been a portion of a longer timeout. ---> System.Net.WebException: The operation has timed out
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Sophos.Encryption.FrontEnd.Interfaces.IEncryptionFEServiceAsync.EndIsEncryptionInstalled(IAsyncResult result)
   at Sophos.Encryption.UI.Module.<>c__DisplayClass4.<.ctor>b__2(IEncryptionFEServiceAsync s)
   at Sophos.Encryption.FrontEnd.Interfaces.ClientChannelWrapper`1.EndInvoke[TResult](Func`2 function)
   at Sophos.Encryption.UI.Module..ctor(IExtensionManager extensionManager, IFrontEndProxyFactory factory)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   at System.RuntimeMethodHandle.InvokeConstructor(Object[] args, SignatureStruct signature, RuntimeTypeHandle declaringType)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at Sophos.UIController.UIControl.<Initialize>b__a()
   at Sophos.UIController.Product.Logging.LogMethod(MemberInfo method, Action func)
   at Sophos.UIController.UIControl.Initialize()

----- [outer exception] -----
   -- error: 0x80131604
   -- facility: C#/.NET

   at 6
   at 5
   at 4
   at 3
   at 2
   at 1
   at class ATL::CComPtr<struct UIController::IUIControl> __cdecl createUIController(struct IDispatch *,const wchar_t *)
   at __w64 long __thiscall CMainFrame::OnCreate(struct tagCREATESTRUCTW *)
   at int __cdecl Run(int,class bl::CommandLine,enum bl::ConsoleType::Type)
   at int __stdcall wWinMain(struct HINSTANCE__ *,struct HINSTANCE__ *,wchar_t *,int)

    If i search Sophos KB, the error is there, but I can't find a trace of the actual problem. Any ideas?

    Thanks

    :46643
Reply
  • 0

    Spoke too soon,

    Just logged into the server to try and start up the SEC and it fails to open with the below error;

    System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TimeoutException: Client is unable to finish the security negotiation within the configured timeout (00:09:59.9843999).  The current negotiation leg is 1 (00:09:59.9843999).   ---> System.TimeoutException: The request channel timed out while waiting for a reply after 00:09:59.9219995. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. ---> System.TimeoutException: The HTTP request to 'soay/.../EncryptionFrontEnd' has exceeded the allotted timeout of 00:09:59.9370000. The time allotted to this operation may have been a portion of a longer timeout. ---> System.Net.WebException: The operation has timed out
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Sophos.Encryption.FrontEnd.Interfaces.IEncryptionFEServiceAsync.EndIsEncryptionInstalled(IAsyncResult result)
   at Sophos.Encryption.UI.Module.<>c__DisplayClass4.<.ctor>b__2(IEncryptionFEServiceAsync s)
   at Sophos.Encryption.FrontEnd.Interfaces.ClientChannelWrapper`1.EndInvoke[TResult](Func`2 function)
   at Sophos.Encryption.UI.Module..ctor(IExtensionManager extensionManager, IFrontEndProxyFactory factory)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   at System.RuntimeMethodHandle.InvokeConstructor(Object[] args, SignatureStruct signature, RuntimeTypeHandle declaringType)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at Sophos.UIController.UIControl.<Initialize>b__a()
   at Sophos.UIController.Product.Logging.LogMethod(MemberInfo method, Action func)
   at Sophos.UIController.UIControl.Initialize()

----- [outer exception] -----
   -- error: 0x80131604
   -- facility: C#/.NET

   at 6
   at 5
   at 4
   at 3
   at 2
   at 1
   at class ATL::CComPtr<struct UIController::IUIControl> __cdecl createUIController(struct IDispatch *,const wchar_t *)
   at __w64 long __thiscall CMainFrame::OnCreate(struct tagCREATESTRUCTW *)
   at int __cdecl Run(int,class bl::CommandLine,enum bl::ConsoleType::Type)
   at int __stdcall wWinMain(struct HINSTANCE__ *,struct HINSTANCE__ *,wchar_t *,int)

    If i search Sophos KB, the error is there, but I can't find a trace of the actual problem. Any ideas?

    Thanks

    :46643
Children
No Data