Newbie here. I hope you can help.
I have set up MSME to use MQM from our ePO 4.6.0 Console (everything controlled from within ePO):
This pushes fine (although you have to be carefull with the browser you are using) to the MSME clients (Exchange servers). On the MQM server, I have configured the Port to aslo be 49500 for RPC:
But after rebooting all servers in the environment, the MSME clients/products do not connect to the MQM server as you can see (empty list of connected McAfee products):
I tried both with ports 443 (HTTPS) and 49500 (RPC). I haven't tried port 80 (HTTP). When I had it to use 443 SSL, I got the following error on the MSME ProductLog of all Exchange servers (1 log entry on each):
It states "Operation 'Register()' failed while connecting to the MQM server '10.0.0.252:443' with error 80004005." This seems to be a Logon Failed error (code 80004005). When using RPC and port 49500 I don't even get any trace of an error in the MSME ProductLog and nothing connects to the MQM server and obviously nothing gets quarantined there neither...
I would really appreciate some help...
Thanks very much in advance!
Thanks, but it is really an MQM problem. The same would happend if everything was configured outside of ePO, so to me it is ePO independant...
Let's cross fingers someone can help anyway...
OK, then it would help if you posted in the appropriate spot to start with, perhaps ;-).
I'm only a Moderator trying to direct traffic.
Moved to EMG as that seems to be where most MQM questions are.
I need to start out with a disclaimer. I do not support MSME. I think I've seen the GUI twice in my time here. However, I know a couple things about MQM so I will try to help. If you want to try to use port 49500, I would recommend trying to do a telnet from the MSME to the MQM and see if you can actually connect. As this is a non-standard port, any firewall in between could easily be blocking this. However, my recommendation would be to try to get HTTP/S working for the communication instead. I am not sure what the error code above is complaining about, but a stab in the dark would be that you did not install an SSL certificate to the MQM site in IIS. If there is no SSL cert, and you try an HTTPS connection, it will error out since the site is being asked for its certificate and it does not have one to present. Otherwise, I would recommend to use port 80 for the traffic. On the McAfee Email Gateway(MEG) side of things, this is the port most commonly used for communication between the point product and the MQM.
On a side note, although you have MQM configured to use port 49500 for the communication port, this almost never needs to be changed. Even though it only states 49500, it actually listens and will accept quarantined emails on ports 80, 443, and 49500 without changing this value.
Let me know if anything above helps you out or if I totally missed the mark. Thanks.
Thank you so much for your valuable response!!!! Sorry for the delay in coming back on this. Your valuable input did get me one step closer and indeed loading a Self-Signed Certificate on the IIS "Default Web Site" above the "MQMAdminUI" and "MQMUserUI" web applications and adding the HTTPS binding to this "Default Web Site" helped in the sense that some items destined to be quarantined, but not all, properly arrived in MQM. The problem however is that since this change affected the MQM Admin UI, this has become unstable and mostly unusable since I now get the following message almost everytime I try to logon to it:
I tried in IIS different settings for the "SSL Settings" like force it to require SSL or not but it doesn't change anything as far as access to the MQM console. My MQMAdminUI console is basically broken... If I revert back to the previous configuration, I get the usage of my MQM console back, but obviously nothing gets quarantined in MQM. It looks like it's one or the other but I cannot have both to work properly at the same time. Maybe I need to do further tweaks in IIS to avoid affecting MQMAdminUI, but it inherits whatever is set on the "Default Web Site". It's a shame McAfee doesn't produce any procedure to use port 443 for MQM. They just state it can be used and that's it; figure it out yourself.
Anyway, if you have some thoughts on this, these are of course most welcome!
Thanks again for all your help so far!!!!
glad it got you a bit closer to where you want to be. im racking my brain on this one as it sounds vaguely familiar, i just cant put my finger on it. i would recommend to open a case with support and if they cant figure it out, tell them to talk to me about it and maybe we can get it to a resolution.
for the issue with not all messages making it to the MQM, that might be more on the MSME side. as i said, i dont know much about that product so i would be of limited help but i can poke at it. thanks.