Client not getting certificate via RMS "Caught CORBA system exception"

Question

Hey all,

I've got multiple clients that are getting this error in the router log.....and I used the same install package that some of my other clients are using and ARE reporting to the SEC via the message relay. I am able to telnet to the message relay from the client using 8192 (which returns the IOR with a sequence of numbers) and 8194 (returns a blank screen with a cursor). I am aware that the Auto Update and RMS services run separate, but I thought I should mention that all of the clients update just fine from the message relay.

I have been reading multiple cases but haven't really seen any concrete resolutions to this issue...and since my problem is sporatic I'm making a new thread. The 'netstat -n' command I ran on the message relay shows the 8192 ports with the client IP's that I'm having issues with in TIME_WAIT status.

Here is an insert from the router log on the client I'm having issues with.

16.07.2013 15:29:13 050C I Successfully validated parent router's IOR
16.07.2013 15:29:13 050C I Accessing parent
16.07.2013 15:29:18 09A4 I Logged on Agent for certification
16.07.2013 15:29:18 0A30 I Routing to parent: id=03E5AD1E, origin=Router$rv20009056:27138.Agent, dest=CM, type=Certification.CertRequest
16.07.2013 15:30:58 050C E ParentLogon::RegisterParent: Caught CORBA system exception, ID 'IDL:omg.org/CORBA/TRANSIENT:1.0'
OMG minor code (2), described as '*unknown description*', completed = NO

16.07.2013 15:31:28 050C I Getting parent router IOR from 165.201.22.33:8192
16.07.2013 15:31:28 050C I Received parent router's IOR: (number way too long to paste...and shouldn't matter since it matches)

16.07.2013 15:31:28 050C I Successfully validated parent router's IOR
16.07.2013 15:31:28 050C I Accessing parent
16.07.2013 15:31:50 050C E ParentLogon::RegisterParent: Caught CORBA system exception, ID 'IDL:omg.org/CORBA/TRANSIENT:1.0'
OMG minor code (2), described as '*unknown description*', completed = NO

etc etc....The log repeats those steps and never obtains the certification request.

Any suggestions?

Thanks,

Adam

This thread was automatically locked due to age.

jak · Accepted Answer

Hi, Thank you for the. I think this is the important line(s): Line 1109: 17.07.2013 10:05:15 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) Line 2000: 17.07.2013 10:05:41 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) Line 4115: 17.07.2013 10:06:43 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) Line 4801: 17.07.2013 10:07:03 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) Line 6412: 17.07.2013 10:07:49 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) Line 7098: 17.07.2013 10:08:09 0E68 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (3284|3688) - SSL connection to failed (errno: No error) On the client computer that is failing, could you try creating under [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[Adapter ID]] Where : the adapter id is for the adapater bening used to connect to the management server. a new DWORD called MTU (DWORD Value) and set it to 576 (dec). Restart the computer. How does the router log look then? Regards, Jak :41797