cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GuruprasadNijal
Level 8
Report Inappropriate Content
Message 1 of 7
‎05-17-2020 10:31 PM

The driver received an unexpected pre-login response

Hello All,

 

We are using 7.14 connector and we tried on boarding McAfee epo but getting below error, please check and let me know if any one faced same issue.

 

 

[The TCP/IP connection to the host ACPLKSRV011, port 9082 has failed. Error: "The driver received an unexpected pre-login response. Verify the connection properties and check that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. This driver can be used only with SQL Server 2000 or later.".

 

Thanks in advance

Guruprasad

Cyber Security Analyst 

0 Kudos
Reply
6 Replies
aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7
‎05-18-2020 12:07 AM

Re: The driver received an unexpected pre-login response

Hello GuruprasadNijal

Thank you for your post.

Could you please clarify with product is the connector 7.14?

0 Kudos
Reply
Hem
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 7
‎05-18-2020 12:12 AM

Re: The driver received an unexpected pre-login response

Request to paraphrase the issue and details of products you are reporting issue about? If possible, please share the screenshot of error message you are getting.

Reply
GuruprasadNijal
Level 8
Report Inappropriate Content
Message 4 of 7
‎05-18-2020 01:21 AM

Re: The driver received an unexpected pre-login response

 

Hello Team,

 

The product which we on boarding is follows:

McAfee e PO version: 5.3

Arc-sight Connector Version: 7.14

Error:

INFO | jvm 1 | 2020/05/18 01:14:12 | Tried version [dlp10.x/epo5.3]. ERROR: [The TCP/IP connection to the host ACPLKSRV011, port 9082 has failed. Error: "The driver received an unexpected pre-login response. Verify the connection properties and check that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. This driver can be used only with SQL Server 2000 or later.". ClientConnectionId:ec8b4fae-8458-43c0-893e-1dbabc6cb7f6]

0 Kudos
Reply
aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 7
‎05-18-2020 02:14 AM

Re: The driver received an unexpected pre-login response

Hello GuruprasadNijal

At this point the ePO server is not involved, im not an expert with the Arc-sight Connector but i assume it is attempting to communicate to the SQL DB and it fails with that error, if that’s the case then i can suggest testing the connection from that Device back to the DB, we do have an article that explain how to use the Microsoft test.udl file to test the connection from a windows machine:

https://kc.mcafee.com/corporate/index?page=content&id=KB70929

but if the connection fails from the Arc-sight device then i can suggest to contact their support so they can review the mentioned error

Reply
GuruprasadNijal
Level 8
Report Inappropriate Content
Message 6 of 7
‎05-19-2020 01:41 AM

Re: The driver received an unexpected pre-login response

Hello Aguevara,

As suggested we had tested connectivity locally and found port was the issue.

After changing the port in Arcsight parameter we are getting below error(Read timed out error).

Please check if you any solutions let me know.

Error which we are receiving currently:
Connector table parameters did not pass the verification with error [; nested exception is:
java.net.SocketTimeoutException: Read timed out] for connector [McAfee]. Do you still want to continue?

 

Regards,

Guruprasad

0 Kudos
Reply
aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 7
‎05-19-2020 01:47 AM

Re: The driver received an unexpected pre-login response

Hello GuruprasadNijal

It sounds like still there is something interfering on the network, particularly because of the SocketTimeoutException message, maybe a wireshark trace will help identify why there is a time out, if nothing can be found I can suggest you to please contact Arcsight as they will understand better what is required and their error codes

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC