Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 6 replies
  • Subscribers 0 subscribers
  • Views 1629 views
  • Users 0 members are here
Options
Suggested

[8.910][CLOSED] Endpoint unable to register itself to the config

wingman
Hi All

If you remove the endpoint entry from the UTM, the installed sophos endpoint is unable to register back to the conf 

2012:03:19-23:55:40 *****  epsecd[4767]: |=========================================================================

2012:03:19-23:55:40 *****  epsecd[4767]: E Endpoint need to register in the Confd!

2012:03:19-23:55:40 *****  epsecd[4767]:

2012:03:19-23:55:40 *****  epsecd[4767]: 1. Epsec::Helpers::Client::update_confd:239() /Epsec/Helpers/Client.pm

2012:03:19-23:55:40 *****  epsecd[4767]: 2. Epsec::Logic::Client::_report:185() /Epsec/Logic/Client.pm

2012:03:19-23:55:40 *****  epsecd[4767]: 3. Epsec::Logic::Client:[:$]n_run:150() /Epsec/Logic/Client.pm

2012:03:19-23:55:40 *****  epsecd[4767]: 4. (eval):55() /Epsec/Logic/Base.pm

2012:03:19-23:55:40 *****  epsecd[4767]: 5. Epsec::Logic::Base::run:52() /Epsec/Logic/Base.pm

2012:03:19-23:55:40 *****  epsecd[4767]: 6. main::top-level:58() client.pl


Thanks
Parents
  • 0
    Hi wingman.

    First off, please restart the following service: /var/mdw/scripts/epsecc restart.

    Secondly, if you delete an endpoint from the UTM, it should delete all known records of it both from the UTM confd and UTM db. Then this command must be reproduced on the cloud service(invalidate credentials and such) so that the endpoint can no longer talk to the cloud service(Sophos LiveConnect).

    The first error you posted signals that there are still reports coming for that endpoint(possibly because the last step for this failed).

    I'd like to have a look over your logs file, so if possible please attache /var/log/epsecd.log to this thread.

    Does your UTM ID end in 'cfe7861a'?

    Thanks
Reply
  • 0
    Hi wingman.

    First off, please restart the following service: /var/mdw/scripts/epsecc restart.

    Secondly, if you delete an endpoint from the UTM, it should delete all known records of it both from the UTM confd and UTM db. Then this command must be reproduced on the cloud service(invalidate credentials and such) so that the endpoint can no longer talk to the cloud service(Sophos LiveConnect).

    The first error you posted signals that there are still reports coming for that endpoint(possibly because the last step for this failed).

    I'd like to have a look over your logs file, so if possible please attache /var/log/epsecd.log to this thread.

    Does your UTM ID end in 'cfe7861a'?

    Thanks
Children
No Data
Unfiltered HTML