cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 10
Report Inappropriate Content
Message 1 of 4

Failed to connect, error 10061 ( No connection could be made because the target machine actively refused it. )

I've seen this error mentioned in several places but no firm answer given.

While trying to push a replication to SADRs at a remote site we get this error within 30 seconds.  I'm pretty sure it's a block at one of the firewalls between me and my subordinate site - but not having an easy time convincing the infrastructure folks of that.  Weirder still, the SADR is talking to the EPO to get policy and DAT updates.  That leads me to believe one specific port is being blocked.

Quick reference, here are the ports my server is configured for:

Agent-to-server communication port:        80
Agent-to-server communication secure port:                                                        Enabled on port                     443                                                   
Agent wake-up communication port:        591
Agent broadcast communication port:        8082
Console-to-application server communication port:        8005
Client-to-server authenticated communication port:        8443

So here's the question, when I press START REPLICATION, which of the above ports is actually being used from the server to the client, 80?  443?

Thanks

Ken

3 Replies
Highlighted
Level 14
Report Inappropriate Content
Message 2 of 4

Re: Failed to connect, error 10061 ( No connection could be made because the target machine actively refused it. )

Kenobe,

This issue occurs when the SuperAgent is on a different subnet than the ePO server and the SuperAgent computer get its IP address via Network Address Translation (NAT).The McAfee Agent binds to the first IP address that it is given during system startup and sends this IP address to ePO. The address given during system startup is not the NAT address. Therefore, ePO can never connect to the SuperAgent.I 'd suggest you to Configure the SuperAgent Repository to be a normal Distributed Repository, using a UNC, FTP, or HTTP path which will be resolved by DNS when doing a replication.

So here's the question, when I press START REPLICATION, which of the above ports is actually being used from the server to the client, 80?  443?

Ans: 443.SPIPE communication with 3DES enryption.

Alexn

Highlighted

Re: Failed to connect, error 10061 ( No connection could be made because the target machine actively refused it. )

Kenobe hi,

Check this article https://kc.mcafee.com/corporate/index?page=content&id=KB58747&pmv=print please. Alexn is right about it.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Failed to connect, error 10061 ( No connection could be made because the target machine actively refused it. )

Superagent repositories are essentially little web servers, serving content on the agent wakeup call port - so in your case port 591. This port will have to be open for replication to succeed.

HTH -

Joe

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community