Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 97 replies
  • Subscribers 3 subscribers
  • Views 82810 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No update path for UTM Endpoint Clients

lenny_01
Hi,

I installed the Endpoint Protection Client. The Client shows up in the UTM 9 as "Online", so this is working so far. 
But on the client where Endpoint is installed, i can't download updates due to there is noch given update path. Wether primary nor secondary path.

Any ideas?

Cheers,
lenny [:)]


This thread was automatically locked due to age.
Parents
  • 0
    I got new awareness...
    Right now I'm at a small site, the internet is not coming from an ISP but from our headquarter over WAN. This ist connection is all open for my ASG425 overhere(proxy,Webfilter etc.) 

    The two clients, where I installed Endpoint Protection, aren't going through my proxy (ASG425) but going directly to 54.251.33.56 over https, which ist the Sophos broker. 

    This request will be rejected by our firewall at the headquarter.

    Does anyone know why the clients doesn't connect over the ASG itself? Can that somehow changed?

    thanks,
    lenny
  • 0 in reply to lenny_01
    The Client is connecting to Sophos through the device defined as Default Gateway on the Computer.
    No chance to change this at the moment.

    Is there any possibility that your headquarter changes their firewall allowing communication from your ASG to all.broker.sophos.com?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Reply
  • 0 in reply to lenny_01
    The Client is connecting to Sophos through the device defined as Default Gateway on the Computer.
    No chance to change this at the moment.

    Is there any possibility that your headquarter changes their firewall allowing communication from your ASG to all.broker.sophos.com?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Children
  • 0 in reply to lenny_01
    Hm, just thinking. I can let all.broker.sophos.com (54.247.105.180) through our Firewall, but which IP of the 14 IP's in that DNS-Group will awnser? As far as I know, at the Headquarters firewall can only ip addresses be allowed.
  • 0 in reply to lenny_01
    I guess this should be the broker defined in the UTM config. But I'm not sure about this...
    There's also the possibility that the broker changes after some time, so allowing the DNS group would be better.

    Just ask them if it's possible...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?