Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 13587 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Air-gapped SEC521 Install, unable to get endpoints to be managed or get software to them.

roberts2

I have set up and air-gapped SEC521 server, I have followed KB article 64899.

I have copied the Warehouse files over from the connected server. Because of the way we run the network I can not push software to the endpoints to update.

So then following the quick start guide for manual install it says to look in View Bootstrap locations, to install agants on the terminals, the address is something like \\server\SophosUpdate\CIDs\SAVSCFXP\S000\ But I do not have CIDs directory in that location.

So I copied the CIDs directory from the source server, and it allowed me to install the agents and the install, down load packages and seem to work, but they do not show as managed in SEC console. I have established that this is because the Parent Address in the registry is incorrect, as it has copied from the source server.

So my question is this, Ihave read on here that I should not copy the CIDs directory, so if I don't copy that directlry at what point or how is the "new"CIDs directlry created, because I do not have one.

I realise I am doing something wrong but I have read so many KB and guide articles on the Sophos site I am now at the point of giving up and using something else that will configure easier.

HELP PLEASE!

:47377


This thread was automatically locked due to age.
  • 0

    Hello roberts2,

    I'm not sure where you've made the mistake (if at all). So I'll try to rephrase the article:

    1. Install the air-gapped SEC (aSEC) up to the Download Security Software wizard (either stop at this step or cancel it)
    2. Copy over the Warehouse folder from the connected SEC to a folder/share of your choice (e.g. \\aSEC\Source\) on aSEC
    3. Resume the wizard (or View/edit Configuration) and enter \\aSEC\Source\ as location (no credentials needed), subscribe to the appropriate packages
    4. The SUM on aSEC should now start to "download" the packages and deploy to the default share \\aSEC\SophosUpdate\ 

    IIRC setting up the default share is part of the install, it should have been created in step 1. If the share does exist but is empty then either you have not subscribed to a package, the "download" failed (perhaps due to a corrupt Warehouse) or deployment wasn't successful. In any case you should see an alert or error in the Update Managers view of the console. Apart from the fact that the source is local and "off-line" it should behave exactly as your connected SEC does

    Christian

    :47379
  • 0

    I have done as suggested, and the warehouse filder is processed and appears in the Sophos SophosUpdate  folder as Warehouse.

    But I still can manage any End points. Our network is setup up to allow the necessary ports for the endpoint but not remote installation.

    So following instructions I go to SEC521 console, View, Bootstrap Locations, and get \\server\SophosUpdate\CIDs\S000 but there is NO CIDs folder just a Warehouse folder!

    So I must be doing something wrong?!!

    :47671
  • 0

    Hello roberts2,

    Bootstrap Location \\server\SophosUpdate\CIDs\S000

    just this, no trailing SAVSCFXP? In this case SUM has not (yet) deployed the package to the share. Please go the the Update managers view. If there was an error during "download" or deployment it should be listed there. If there is none check the Recommended subscription if at least one product is selected.

    Christian

    :47675
  • 0

    There is no CIDs directory or anything below it, this is the issue I have been having, where/or how is the CIDs directory created?

    If it is supposed to be created when the Warehouse folder is read in, it is not happening. We it reads in the warehouse files I get the massage "Software Delivery Failed"

    :47681
  • 0

    Hello roberts2,

    Software Delivery Failed

    then we'd have to find out why. The LogViewer is a little bit more specific, the SUMTrace logs should show a detailed error message.

    Christian

    :47685
  • 0

    I have at last resolved my own issue, although this really should be mentioned in the instructions!

    What I was doing was taking the Warehouse directrory from an NTFS drive on the air-gapped server, onto an NTFS formatted drive and then copying it back onto another NTFS formatted disk. When I did this the files would not import correctly and the CIDs directory was not being created.

    All I have done to rectify this is copy the files from the NTFS source onto a a FAT32 drive and then back onto the NTFS destination.

    Ran the SUM import and it imported for ages, the CIDs folder was created and then the agents could be downloaded and it all works perfectly.

    I think you should mention this sort of thing in the KB articles, because I have wasted weeks trying to get this to work, and in essence there was nothing wrong!

    :47876
  • 0

    Hello roberts2,

    thanks for sharing the solution (and the underlying problem).

    Now that I've read it, it looks distantly related to the Problem updating a standalone computer with current definitions. But it's probably not. In the mentioned case the metadata (i.e. filenames) was corrupt whereas I assume that you encountered data corruption (i.e. checksum errors).

    you should mention this sort of thing in the KB articles

    I'm not sure how this sort of thing should be mentioned other than please make sure your copy is correct? Which kind of drive is this? Data corruption (actually it's data "absence") can occur on NTFS formatted thumb drives if you don't wait long enough before unplugging them - though I don't think that you did this. I don't think an NTFS formatted device is generally unfit for transfer-

    Christian   

    :47882