Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 3 subscribers
  • Views 3875 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

All Endpoints showing as off-line

PaulHolt
Hi all,

I just noticed that my endpoints are showing as offline and I noticed this error in my endpoint log. 

 utm epsecd[5156]: E id="4281" severity="critical" sys="System" sub="epsecd" name="Broker closed the connection at /Epsec/Logic/Client.pm line 915." effect="Can't talk to Sophos LiveConnect"

2012:08:15-03:09:40 


Things have been going well until I noticed this.  Looks like updates are happening.  Is there an issue with LiveConnect?

Thanks,
Paul


This thread was automatically locked due to age.
  • 0
    I guess it's possible; my clients show as up... could just be a problem with your particular broker server (there are several)... which broker are you using?  This info can be found in the Advanced tab.

    Might see if a restart helps.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Hi Bruce,

    I'm using http://mcs1-12a6.broker.sophos.com

    Paul

    P.S. I'll give it some time to see if they come back, then I'll reboot if need be.
  • 0
    Yeah, I've got a different broker on the two systems I'm looking at... they are assigned randomly, I'm sure, when the keys are generated initially.  May just be a momentary issue with the broker service / cluster you're accessing.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Well, I rebooted the endpoints and that didn't help.  I tried rebooting the UTM and that hasn't helped either.  Checked the Endpoint log and it shows the error above.  I checked the webfiltering and firewall logs and I don't see anything relevant.  [:(]

    Where to next?
  • 0 in reply to PaulHolt
    Well, they never reappeared so I tried to uninstall.  Even with the tamper protection password I could not uninstall, kept getting a message that I was unauthorized even though I was an administrator.  So, I removed the computer from the Endpoint "Manage Computers" screen and was able to uninstall the Sophos clients (all three).  I then tried to reinstall but now they don't show in the management console.  I then uninstalled the software again and tried resetting the registration token to see if that helped.  Upon reinstalling I still can't see the computer in the management console.

    I guess I am now going to follow this thread: https://community.sophos.com/products/unified-threat-management/astaroorg/f/59/t/55874 [:(]

    Paul
  • 0 in reply to PaulHolt
    If you do an uninstall, you will need to manually delete the Sophos directory under C:\ProgramData to get the reinstalls to work right.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0
    Might just be the broker is down atm... The one i'm using is pretty temperamental, it will come back up eventually...
  • 0 in reply to akp982
    Deleted the 'Sophos' directory from 'Application Data' directory and that fixed the issue with not showing in the UTM console.  I first tried deleting the 'Sophos' directory from 'Programs Files' but that doesn't help.

    All is well for now.

    Paul
  • 0 in reply to PaulHolt
    Sorry, the ProgramData directory is only available on Vista and up OSs... I guess I should've mentioned that if you were on XP you'd need to look under the Application Data folder [:)]

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    A slightly different problem.
    I have two MS OS running under Parallels on a MAC. One XP and the other W7 64, both update Sophos regularly when online.
    The issue is the XP one never shows up as being online in the UTM EP panel.

    Ian[:)]
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?