Recently upgraded from McAfee FW for Linux (HIPS) to Endpoint Security Firewall 10.6.5. On the hourly agent to endpoint communication, I'm getting the following error (as seen in mfefirewall.log):
Oct 07 18:30:03 fcc1014 INFO msgbus  Received Timer event to read msgbus config file
Oct 07 18:30:03 fcc1014 INFO msgbus  msgbus connectvity status : Connected
Oct 07 18:30:03 fcc1014 ERROR msgbus  failed to even fallback approach for credentials, 512
Oct 07 18:30:03 fcc1014 ERROR msgbus  exchanged information are not matching, rejecting connection.
Oct 07 18:30:03 fcc1014 ERROR msgbus  Connection Failed
The effect is the firewall will not accept new options/rules via ePO.
Solved! Go to Solution.
Please upgrade to the ENS Linux Firewall 10.6.6 version that is releasing today.
TSDE-2298 Firewall blocks any in/out packets during policy enforcement. This release resolves the issue.
TSDE-2658 Firewall incorrectly updates policy during partial policy enforcement. This release resolves the issue.
I tried to install 10.6.6 FW on 6 hosts using the oasoff command line option, but it failed on all with the message:
Sent Run Now task "McAfee Agent > Product Deployment" to "mmc0701"
Run now task McAfee Agent > Product Deployment received.
Run now task started.
Run now task McAfee Agent > Product Deployment failed.
Details: Product "ENDP_FW_1060LYNX" installation failed, reason "Unknown error"..
If possible, please submit a Service Request to Support with Agent & ENSLFW MER files to review the install failure further. I'm wondering if the command line options being used may be the cause.