Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 4170 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Moving to a new Sophos server

schmidt

I have a weird issue – a server caught in limbo. I have created a VB script using the tool that a Sophos tech told me about that will point my Sophos client servers from one Sophos master server (Sophos-old) to another Sophos master server (Sophos-new).

I have tested this script on 4 servers and it has run fine on those 4. They now point to Sophos-new for their policies and updates. On the 5th server, the resulting log file from the script looks fine (just like the other 4 servers). But it’’’’s not completely responding to either Sophos console.

From Sophos-old, the status says: Differs from policy.

On Sophos-new, it says: Awaiting policy update.

From Sophos-new, I select the computer, right click and say “Update the computer now… “ On the 5th server, the update log shows that it’’’’s communicating with Sophos-Old.

From Sophos-old, I select the computer, right click and say “Update the computer now… “  Nothing happens on the 5th server. Its log does not show any attempt to communicate with either Sophos server.

Oh, and I have rebooted the 5th server.

Has anyone come across this situation before?

:41327


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    That's somewhat a relief to be honest;  I was really scratching my head based on those IPs.

    If you stop the router on the "managed" endpoint, does the "Connected" state of the client change in the new SEC?  That would be proof enough that communication is working?

    To me, based on the client logs, it seems to be OK.

    Tracing the messages once that arrive at the SEC server would be my next thing to try.  For example, based on what you did before to generate a EM-GetStatus-Reply message.  If you just perfrom just a restart of the Agent service on the client, 20 seconds later it would send another status message.

    If you were to do that, then check the router logs on the new server, do you see a status message arrive from the client?

    You can then follow that through in the "msgn" log:

    C:\ProgramData\Sophos\Sophos Endpoint Management\log\

    This is the final logging of the message before it goes into the database.

    Regards,

    Jak

    :41379
Reply
  • 0

    HI,

    That's somewhat a relief to be honest;  I was really scratching my head based on those IPs.

    If you stop the router on the "managed" endpoint, does the "Connected" state of the client change in the new SEC?  That would be proof enough that communication is working?

    To me, based on the client logs, it seems to be OK.

    Tracing the messages once that arrive at the SEC server would be my next thing to try.  For example, based on what you did before to generate a EM-GetStatus-Reply message.  If you just perfrom just a restart of the Agent service on the client, 20 seconds later it would send another status message.

    If you were to do that, then check the router logs on the new server, do you see a status message arrive from the client?

    You can then follow that through in the "msgn" log:

    C:\ProgramData\Sophos\Sophos Endpoint Management\log\

    This is the final logging of the message before it goes into the database.

    Regards,

    Jak

    :41379
Children
No Data