This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Clients not showing up in Web-IF

Hi!

As the Beta forum is closed now I'm posting in this section again:

I configured EP a few days ago and installed the Client on 5 machines. Although the installation went fine and the clients are getting signature updates, they do not show up in the UTM. The "Manage Computers" tab is empty!

On the Main Screen of Endpoint Protection category in the UTM-Web-IF it states:

Sophos LiveConnect is disabled. 0 computers registered out of 12 licensed, 0 computers are currently online.

The UTM EP log frequently shows errors 4280 and 4281:

2012:07:25-12:41:28 vpn-2 epsecd[29781]:  id="4210" severity="debug" sys="System" sub="epsecd" name="Sleeping for 300 seconds"

2012:07:25-12:42:42 vpn-1 epsecd[2726]: I Epsec::Utils::Logging::_log:59() => id="4202" severity="info" sys="System" sub="epsecd" name="Run initialization database"

2012:07:25-12:42:42 vpn-1 epsecd[2726]: I Epsec::Utils::Logging::_log:59() => id="4247" severity="info" sys="System" sub="epsecd" name="Sending data to Sophos LiveConnect to sync UTM with the Broker"

2012:07:25-12:42:42 vpn-1 epsecd[2726]: D Epsec::Utils::Logging::_log:59() => id="4208" severity="debug" sys="System" sub="epsecd" name="User triggered changes in webadmin"

2012:07:25-12:42:43 vpn-1 epsecd[2726]: W Epsec::Utils::Logging::_log:59() => id="4212" severity="warn" sys="System" sub="epsecd" name="Quit recieved from Sophos LiveConnect"

2012:07:25-12:42:43 vpn-1 epsecd[2726]: D Epsec::Utils::Logging::_log:59() => id="4210" severity="debug" sys="System" sub="epsecd" name="Sleeping for 300 seconds"

2012:07:25-12:46:28 vpn-2 epsecd[29781]: D Epsec::Utils::Logging::_log:59() => id="4210" severity="debug" sys="System" sub="epsecd" name="Sleeping for 22 seconds"

2012:07:25-12:47:10 vpn-2 epsecd[29781]: >=========================================================================

2012:07:25-12:47:10 vpn-2 epsecd[29781]: E id="4280" severity="critical" sys="System" sub="epsecd" name="Error creating socket" ssl_errstr="IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)" syscall_error="Invalid argument"

2012:07:25-12:47:10 vpn-2 epsecd[29781]:

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 1. Epsec::Utils::Logging::_log:59() /Epsec/Utils/Logging.pm

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 2. Epsec::Logic::Client::_start:77() /Epsec/Logic/Client.pm

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 3. Epsec::Logic::Client:[:$]n_load:40() /Epsec/Logic/Client.pm

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 4. (eval):53() /Epsec/Logic/Base.pm

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 5. Epsec::Logic::Base::run:52() /Epsec/Logic/Base.pm

2012:07:25-12:47:10 vpn-2 epsecd[29781]: 6. main::top-level:62() client.pl

2012:07:25-12:47:30 vpn-2 epsecd[29781]: |=========================================================================

2012:07:25-12:47:30 vpn-2 epsecd[29781]: E id="4281" severity="critical" sys="System" sub="epsecd" name="No internet connection. at /Epsec/Logic/Client.pm line 89." effect="Can't talk to Sophos LiveConnect"

2012:07:25-12:47:30 vpn-2 epsecd[29781]:

2012:07:25-12:47:30 vpn-2 epsecd[29781]: 1. Epsec::Utils::Logging::_log:59() /Epsec/Utils/Logging.pm

2012:07:25-12:47:30 vpn-2 epsecd[29781]: 2. Epsec::Logic::Client:[:$]n_error:1039() /Epsec/Logic/Client.pm

2012:07:25-12:47:30 vpn-2 epsecd[29781]: 3. Epsec::Logic::Base::run:60() /Epsec/Logic/Base.pm

2012:07:25-12:47:30 vpn-2 epsecd[29781]: 4. main::top-level:62() client.pl

2012:07:25-12:47:30 vpn-2 epsecd[29781]:  id="4210" severity="debug" sys="System" sub="epsecd" name="Sleeping for 240 seconds"

2012:07:25-12:47:44 vpn-1 epsecd[2726]: I Epsec::Utils::Logging::_log:59() => id="4202" severity="info" sys="System" sub="epsecd" name="Run initialization database"

2012:07:25-12:47:44 vpn-1 epsecd[2726]: I Epsec::Utils::Logging::_log:59() => id="4247" severity="info" sys="System" sub="epsecd" name="Sending data to Sophos LiveConnect to sync UTM with the Broker"

2012:07:25-12:47:44 vpn-1 epsecd[2726]: D Epsec::Utils::Logging::_log:59() => id="4208" severity="debug" sys="System" sub="epsecd" name="User triggered changes in webadmin"

2012:07:25-12:47:46 vpn-1 epsecd[2726]: W Epsec::Utils::Logging::_log:59() => id="4212" severity="warn" sys="System" sub="epsecd" name="Quit recieved from Sophos LiveConnect"

2012:07:25-12:47:46 vpn-1 epsecd[2726]: D Epsec::Utils::Logging::_log:59() => id="4210" severity="debug" sys="System" sub="epsecd" name="Sleeping for 300 seconds"

The internet connection is working fine, at least I do not have any client problems in accessing the internet.
The UTM Web Protection is configured in Standard Mode. The Sophos Broker Exceptions are present.

I'm using a home license and reapplied my 8.305 backup after a fresh install of the UTM9 GA release.

What is wrong here?

Thanks for any help!
scorpionking

This thread was automatically locked due to age.

Parents

0 BrucekConvergent over 13 years ago

Create a packet filter rule that allows HTTPS and HTTP (probably only need https, but I added http in for good measure) outbound from these clients to all.broker.sophos.com (this definition was pre-defined on my V9 system -- if it's not on yours, it's a DNS group, should list about 5 IPs) --- they have to "phone home" for the UTM to pick them up. I though there was supposed to be an automatic rule defined, but with my upgrade, I did not see it, so I made one of my own.

If you are using transparent HTTP/S proxy, you'll want to check and make sure the built-in exception for the broker services is enabled.
Cancel
Vote Up 0 Vote Down

Cancel
0 scorpionking over 13 years ago in reply to BrucekConvergent

Thanks for your answer.
At the moment HTTP and HTTPS is allowed for the whole internal net via Firewall rule. So this should be ok.
The predefined proxy exceptions also exist although I'm not using the transparent proxy for HTTPS.

Any other suggestions?
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 13 years ago in reply to scorpionking

Well, given the wierdness I've been seeing the past couple of days with the Broker service... I'd uninstall the client software (totally... after the uninstall, delete the Sophos Folder in C:\ProgramData), and, in the UTM, reset the Registration Token... then try again with one system.

Actually -- one other thought -- do you have country blocking enabled? Try it with it disabled.
Cancel
Vote Up 0 Vote Down

Cancel
0 scorpionking over 13 years ago in reply to BrucekConvergent

Did that already, but didn't help...

I do not have country blocking enabled.

Any other thoughts?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 scorpionking over 13 years ago in reply to BrucekConvergent

Did that already, but didn't help...

I do not have country blocking enabled.

Any other thoughts?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BrucekConvergent over 13 years ago in reply to scorpionking

Do you have any firewalls upstream of your UTM that might be blocking it from reaching the broker servers? Other than that, maybe the DB that EPSEC is looking at locally is broken, maybe try backing up your config and reinstall?
Cancel
Vote Up 0 Vote Down

Cancel