Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 3 subscribers
  • Views 25239 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.00x] Endpoint appear as offline

wingman
Hi All

I've just noticed that the endpoint client for a user is able to update itself but according to the UTM the device is offline for the past 13 days!

I've tried to restart the service with no luck.Sophos live connect works fine. It's only the client that appears to be offline 

2012:09:28-19:57:14  epsecd[5105]: >=========================================================================

2012:09:28-19:57:14  epsecd[5105]: E id="4280" severity="critical" sys="System" sub="epsecd" name="Error creating socket" ssl_errstr="IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)" syscall_error="Invalid argument"

2012:09:28-19:57:14  epsecd[5105]: 

2012:09:28-19:57:14  epsecd[5105]:  1. Epsec::Utils::Logging::_log:59() /Epsec/Utils/Logging.pm

2012:09:28-19:57:14  epsecd[5105]:  2. Epsec::Logic::Client::_start:77() /Epsec/Logic/Client.pm

2012:09:28-19:57:14  epsecd[5105]:  3. Epsec::Logic::Client:[:$]n_load:40() /Epsec/Logic/Client.pm

2012:09:28-19:57:14  epsecd[5105]:  4. (eval):53() /Epsec/Logic/Base.pm

2012:09:28-19:57:14  epsecd[5105]:  5. Epsec::Logic::Base::run:52() /Epsec/Logic/Base.pm

2012:09:28-19:57:14  epsecd[5105]:  6. main::top-level:62() client.pl

2012:09:28-19:57:14  epsecd[5105]: |=========================================================================


Thanks


This thread was automatically locked due to age.
Parents
  • 0
    Checking the endpoint logs it seems that the problem is with the endpoint itself as it can't connect to the required server( getting error code 500)
    2012-10-19T18:44:35.981Z [ 2140] INFO *EventHandler::SendData The event handler is about to send events to the server.
    2012-10-19T18:44:36.012Z [ 2140] INFO *EventHandler::SendData About to send the request to the server.
    2012-10-19T18:44:36.012Z [ 2140] INFO *HttpServer::SendRequest The HTTP request was initiated successfully.
    2012-10-19T18:44:36.278Z [ 4856] INFO *HttpServer::HttpEventCallback The HTTP request completed with status 500.
    2012-10-19T18:44:36.278Z [ 4856] INFO *OutboundDataHandler::HttpCallback The HTTP callback was called with the HTTP result code 500.
    2012-10-19T18:44:36.278Z [ 4856] WARN *OutboundDataHandler::HttpCallback 3001: An HTTP transaction failed with status code 500.


    I have other endpoint on the same network (192.168.x.x) and they have no issues at all.  The relevant firewall rules allowing traffic via http /https to liveconnect and update servers are in place
Reply
  • 0
    Checking the endpoint logs it seems that the problem is with the endpoint itself as it can't connect to the required server( getting error code 500)
    2012-10-19T18:44:35.981Z [ 2140] INFO *EventHandler::SendData The event handler is about to send events to the server.
    2012-10-19T18:44:36.012Z [ 2140] INFO *EventHandler::SendData About to send the request to the server.
    2012-10-19T18:44:36.012Z [ 2140] INFO *HttpServer::SendRequest The HTTP request was initiated successfully.
    2012-10-19T18:44:36.278Z [ 4856] INFO *HttpServer::HttpEventCallback The HTTP request completed with status 500.
    2012-10-19T18:44:36.278Z [ 4856] INFO *OutboundDataHandler::HttpCallback The HTTP callback was called with the HTTP result code 500.
    2012-10-19T18:44:36.278Z [ 4856] WARN *OutboundDataHandler::HttpCallback 3001: An HTTP transaction failed with status code 500.


    I have other endpoint on the same network (192.168.x.x) and they have no issues at all.  The relevant firewall rules allowing traffic via http /https to liveconnect and update servers are in place
Children
  • 0 in reply to wingman
    Same problem here.

    After the installation the client is "OK". Everything seems up and running. 
    2012:10:18-21:12:51 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4207" severity="debug" sys="System" sub="epsecd" name="Recieved report(s) from Sophos LiveConnect"

    2012:10:18-21:12:51 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4230" severity="debug" sys="System" sub="epsecd" name="Updated ping information in the DB" mcs_id="292b0540-2958-e448-92df-fafae63ffd3b"

    2012:10:18-21:12:51 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4211" severity="debug" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="2465222"

    2012:10:18-21:13:27 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4207" severity="debug" sys="System" sub="epsecd" name="Recieved report(s) from Sophos LiveConnect"

    2012:10:18-21:13:27 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4230" severity="debug" sys="System" sub="epsecd" name="Updated ping information in the DB" mcs_id="292b0540-2958-e448-92df-fafae63ffd3b"

    2012:10:18-21:13:27 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4211" severity="debug" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="2465222"


    The day after the client is offline with a strange message in the logfile:
    2012:10:19-15:17:08 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4207" severity="debug" sys="System" sub="epsecd" name="Recieved report(s) from Sophos LiveConnect"

    2012:10:19-15:17:08 feuerwand epsecd[875]: W Epsec::Utils::Logging::_log:59() => id="4220" severity="warn" sys="System" sub="epsecd" name="Endpoint need to register in Confd" mcs_id="292b0540-2958-e448-92df-fafae63ffd3b"

    2012:10:19-15:17:08 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4246" severity="debug" sys="System" sub="epsecd" name="Stop receiving reports from not registered computer" mcs_id="292b0540-2958-e448-92df-fafae63ffd3b"

    2012:10:19-15:17:08 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4211" severity="debug" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="2465222"

    2012:10:19-17:29:27 feuerwand epsecd[875]: D Epsec::Utils::Logging::_log:59() => id="4206" severity="debug" sys="System" sub="epsecd" name="Synchronizing after backup applied"

    2012:10:19-17:29:27 feuerwand epsecd[875]: I Epsec::Utils::Logging::_log:59() => id="4202" severity="info" sys="System" sub="epsecd" name="Run initialization database"

    2012:10:19-17:29:27 feuerwand epsecd[875]: I Epsec::Utils::Logging::_log:59() => id="4247" severity="info" sys="System" sub="epsecd" name="Sending data to Sophos LiveConnect to sync UTM with the Broker"


    Nothing changed in configs or at the client.
    Very annoying at the moment. [:@]
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?