Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 11 subscribers
  • Views 34349 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Stas started, and connection test success, but no user showing in live users/advance

TingYu

stas start = ok

connection test to utm, and between agent and collector = ok

VMI test = ok

but when I go to advance/view live users, it shows blank

My server is window 2003 domain.

Please help. thanks in advance.



This thread was automatically locked due to age.
Parents
  • 0

    Hi, last reply I show you that there is communication on port 6060, showed you tcpdump data, I just went to live log for "client authertincation"/utm, here is data, it seems it said "stas_check_collector_timeout.

    2016:06:24-13:23:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740

    2016:06:24-13:23:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:23:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:23:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:23:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:23:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:24:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:24:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:24:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:24:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:24:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:24:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:24:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:25:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:25:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:25:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:25:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:25:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:25:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:25:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:26:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:26:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:26:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:26:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:26:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:26:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:26:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:27:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:27:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:27:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:27:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:27:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:27:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:27:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
Reply
  • 0

    Hi, last reply I show you that there is communication on port 6060, showed you tcpdump data, I just went to live log for "client authertincation"/utm, here is data, it seems it said "stas_check_collector_timeout.

    2016:06:24-13:23:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740

    2016:06:24-13:23:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:23:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:23:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:23:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:23:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:24:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:24:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:24:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:24:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:24:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:24:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:24:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:25:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:25:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:25:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:25:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:25:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:25:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:25:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:26:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:26:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:26:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:26:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:26:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:26:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:26:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:27:17 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:27:17 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:27:17 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
    2016:06:24-13:27:17 utm argos[15121]: [stas_check_collector_timeout]: Checking for collectors who have time-out
    2016:06:24-13:27:47 utm argos[15121]: [stas_event]: Received STAS package
    2016:06:24-13:27:47 utm argos[15121]: [stas_event]: Read 11 bytes from IP 192.168.0.13:4740
    2016:06:24-13:27:47 utm argos[15121]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
Children
  • 0 in reply to TingYu

    I guess that your firewall on the computer where Stas is running is not allowing incoming connections from your UTM.

  • 0 in reply to TingYu

    I've got the same behavior. All tests go ok, but STAS does not work. I don't see online users and log shows me

    2017:01:23-17:17:19 utm argos[5633]: [stas_event]: Read 11 bytes from IP 192.168.111.26:53786
2017:01:23-17:17:19 utm argos[5633]: [process_stas_request]: Processing STAS request STA_LIVE_REQ
2017:01:23-17:17:20 utm argos[5633]: [stas_check_collector_timeout]: Checking for collectors who have time-out
2017:01:23-17:17:49 utm argos[5633]: [stas_event]: Received STAS package

    All settings were made according STAS_manual-en.pdf
    AND all tests passed! Firewall was disabled for simplicity.
  • 0 in reply to Alex Dokutovich

    Create a windows firewall rule which allows traffic from UTM using the STAS application. Test this first by deactivating Windows firewall temporarily.

    If this work, create a windows firewall rule using gpo and apply it on the domain controller or else where STAS is running.

  • 0 in reply to ErikFranzén

    In the post above, I've already written, windows firewalls were disabled, for test. But STAS does not work. Maybe have you got another idea, how to fix it?

  • 0 in reply to Alex Dokutovich

    HI i have the same problem here Stas Suite installed on all dc´s tests are all sucessfull windows firewall turned off events logged in the eventlogs but no active users displayed.

    Any Idea why?

  • 0 in reply to JoeT

    Did you ever get an answer to this problem.?

    I too am having issues with it. Not all STAS users appear in 'Show Live Users'.

    It seems fairly random who shows and who does not.

    Those that do not appear are then prompted with the Captive Portal - which is a real pain!

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML