I would need to see the whole wireshark capture, but here is something to look at. In the screenshot, the source responding is a cisco device, which is most likely your firewall or proxy. You don't know the other side of it, where the proxy or firewall is connecting to epo.mcafee.com. It may be passing its own certificate, etc. There is more to it than just what you showed. They need to check the proxy/firewall logs to ensure that even though traffic may be allowed, there is no ssl inspection that might be blocking the certificate exchange.
Was my reply helpful? If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.