cancel
Showing results for 
Search instead for 
Did you mean: 
bob325
Level 7
Report Inappropriate Content
Message 1 of 5

1 epo// agent DMZ handler unable to connect with client on public IP address

Agent  hanlder  4.6.6  freshly  install  , clients  connect  to  the  IP public  internet  are unable  to  conect  to  agent  handler .  Last  connection  with  ePO  is  connected  by  no  clients.  agent hanlder  list  is  does  not  show  dns  name  only  server  name  in  the  epo

logs  from  agent  handler  showing  error  below  ;

20140209161332 E #00240 EPODAL   File: .\ePOData_Connection.cpp(555)

20140209161332 E #00240 EPODAL   Function: DAL2_CConnection::GetConnection

20140209161332 E #00240 EPODAL   Source: Microsoft OLE DB Provider for SQL Server

20140209161332 E #00240 EPODAL   Description: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.

20140209161332 E #00240 mod_eporepo CEpoRepoNotify::getMessagesFromDB: Caught SQL com error Unspecified error

20140209161332 E #02492 EPODAL   COM Error: 0x80004005

20140209161332 E #02492 EPODAL   File: .\ePOData_Connection.cpp(538)

20140209161332 E #02492 EPODAL   Function: DAL2_CConnection::GetConnection

20140209161332 E #02492 EPODAL   Source: Microsoft OLE DB Provider for SQL Server

20140209161332 E #02492 EPODAL   Description: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.

20140209161332 E #02492 EPODAL   COM Error: 0x80004005

20140209161332 E #02492 EPODAL   File: .\ePOData_Connection.cpp(555)

20140209161332 E #02492 EPODAL   Function: DAL2_CConnection::GetConnection

20140209161332 E #02492 EPODAL   Source: Microsoft OLE DB Provider for SQL Server

20140209161332 E #02492 EPODAL   Description: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.

20140209161332 E #02492 NAIMSRV  dataChannelDAO_getWork: Caught SQL com error Unspecified error

20140209210028 I #00240 mod_eporepo Pausing cache flush 30 seconds for synchronization with master ePO server

20140209210030 I #03872 NAIMSRV  Notify Message - "SiteListChanged"

20140209210058 I #00240 mod_eporepo Cache access resumed

20140209210058 I #04604 mod_eporepo Background processing of repository changes starting

20140209210100 I #03872 NAIMSRV  Reading Updated Server configuration data from database..

20140209210100 I #03872 NAIMSRV  Siteinfo.INI version update, old = 2206460, new = 2217626

20140209210119 E #00824 mod_eporepo Failed to send http request.  System error=12002

20140209210119 E #00824 mod_eporepo Error connecting to https:/xxxxxxxx/.com:443/Software/replica.log

20140209210119 E #00824 mod_eporepo Failed to download content for https://xxxxxxxx.com:443/Software/replica.log, system error 2

20140209210120 I #04604 mod_eporepo Background processing of repository changes ended

20140210220014 I #03872 NAIMSRV  Notify Message - "SiteListChanged"

20140210220014 I #03872 NAIMSRV  Reading Updated Server configuration data from database..

20140210220014 I #03872 NAIMSRV  Siteinfo.INI version update, old = 2217626, new = 2274416

20140210220019 I #00240 mod_eporepo Pausing cache flush 30 seconds for synchronization with master ePO server

20140210220049 I #00240 mod_eporepo Cache access resumed

20140210220049 I #04604 mod_eporepo Background processing of repository changes starting

20140210220110 E #00824 mod_eporepo Failed to send http request.  System error=12002

20140210220110 E #00824 mod_eporepo Error connecting to https://xxxxxxxx.com:443/Software/replica.log

20140210220110 E #00824 mod_eporepo Failed to download content for https://xxxxxxxxx.com:443/Software/replica.log, system error 2

20140210220111 I #04604 mod_eporepo Background processing of repository changes ended

4 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: 1 epo// agent DMZ handler unable to connect with client on public IP address

To me this looks like a major problem with the AH being unable to reliably communicate with ePO and the SQL server, possibly due to a name resolution problem.

Before anything else please confirmt hat you have connectivity from the AH machine to the ePO server and to the SQL server on all the necessary ports - by default these are going to be 80, 443, 8443, and 1433 for SQL, but obviously check the ports that you are using

HTH -

Joe

bob325
Level 7
Report Inappropriate Content
Message 3 of 5

Re: 1 epo// agent DMZ handler unable to connect with client on public IP address

Thanns  Joe  for your  prompt  update.

The  last communication  between  epo  and  AH  is  about  2  mins.  thats  means ,  AH can  communicate  with  ePO.  Dont  understand  why  AH  443  to  contact  epo  ,  we  have port  8444  open  as  advise  on  AH  white  papper. I also  noticed  that machines  connect  to  ah  are  not  list  on the  AH.

Port  443  is  open  in  oneway only (from  epo  to  AH) and  others ports  are  open  as advisedd  by  AH  white  papper.  My  main  concern  is  why  clients machines  are not  listed  on  AH  even  if  they are  connect  to  the  AH.

Will proivde  a  screen shot  for  more  information

Thanks  and regards

Noel

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: 1 epo// agent DMZ handler unable to connect with client on public IP address

443 needs to be open so that the AH can pull content from the master repository to provide to the clients - if none of the machines downstream of the AH are configured to use the master repo for updates, then in theory you could leave this closed.

Far, far more critical is the SQL connection. The AH *must* be able to reliably talk to the SQL server: I would concentrate on this first.

HTH -

Joe

bob325
Level 7
Report Inappropriate Content
Message 5 of 5

Re: 1 epo// agent DMZ handler unable to connect with client on public IP address

Thanks  Joe  for  your  feedback . I ave  connection  now  between  ePO  and  the  AH.  but  still  not  have  connection  between  AH and  client  machine  when is  connect  to  the  public  internet .  Mcafee  agent  log below does  show  any  specific  error;

2014-02-22 02:14:53.441 X #4996 MPMutex CreateMutex,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.441 X #4996 Event WaitForSingleObject,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.441 X #4996 Xml ConvertBufferToUnicode,858

2014-02-22 02:14:53.442 X #4996 UsrSpCt Policy:GeneralSmiley FrustratedhowAgentUI=1

2014-02-22 02:14:53.442 X #4996 UsrSpCt Policy:General:bAllowUpdateSecurity=1

2014-02-22 02:14:53.442 X #4996 MPMutex ReleaseMutex,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.442 X #4996 UsrSpCt Enforcing Policy for Each IDialog

2014-02-22 02:14:53.443 I #4996 Sched >>--CSchedule::EnforcePolicy

2014-02-22 02:14:53.443 X #4996 Sched Enforcing Policies

2014-02-22 02:14:53.443 X #4996 Sched >>--Manage_GetTaskInfo

2014-02-22 02:14:53.443 X #4996 Sched <<--Manage_GetTaskInfo

2014-02-22 02:14:53.443 X #4996 Sched >>--CSchedule::CleanTasks

2014-02-22 02:14:53.443 X #4996 Sched <<--CSchedule::EnumTask

2014-02-22 02:14:53.443 X #4996 Sched <<--CSchedule::CleanTasks

2014-02-22 02:14:53.444 I #4996 Sched <<--CSchedule::EnforcePolicy

2014-02-22 02:14:53.444 I #4996 Manage Initializing Event Interface

2014-02-22 02:14:53.444 X #4996 RegKey RegCreateKey,80000002,SOFTWARE\Network Associates\ePolicy Orchestrator\Agent

2014-02-22 02:14:53.444 X #4996 RegKey  =000006cc

2014-02-22 02:14:53.445 X #4996 RegKey RegQueryValueEx,000006cc,LoggedOnUser

2014-02-22 02:14:53.445 X #4996 RegKey  =awx4782b

2014-02-22 02:14:53.445 X #4996 RegKey RegCloseKey,000006cc

2014-02-22 02:14:53.445 I #4996 Manage EpoEventInf Interface: Initialization succeeded.

2014-02-22 02:14:53.450 i #4996 Manage Enforcing Policies for EPOAGENT3000META

2014-02-22 02:14:53.453 i #4996 Manage Enforcing Policies for EPOAGENT3000

2014-02-22 02:14:53.457 X #4996 MPMutex CreateMutex,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.457 X #4996 Event WaitForSingleObject,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.458 X #4996 MPMutex ReleaseMutex,4E7BA38E-A971-4095-93DA-FB5311973807

2014-02-22 02:14:53.458 I #4996 Manage DeInitializing Event Interface

2014-02-22 02:14:53.458 I #4996 Manage EpoEventInf Interface: Deinitialization succeeded.

2014-02-22 02:14:53.458 i #4996 Agent Agent finished Enforcing policies

2014-02-22 02:14:53.458 i #4996 Agent Next policy enforcement in 5 minutes

2014-02-22 02:16:21.045 X #5076 curl 043db848 info 22 Closing connection #0`0a

2014-02-22 02:16:21.046 X #5076 curl 043db848 info 23 Closing ssl connection`0a

2014-02-22 02:16:21.046 X #5076 curl 043db848 info 23 Closing ssl connection`0a

2014-02-22 02:16:21.047 X #5076 curl 043db848 info 23 Closing ssl connection`0a

2014-02-22 02:16:21.047 X #5076 curl 043db848 info 20 Timeout was reached`0a

2014-02-22 02:16:21.047 X #5076 naInet curl returned 28

2014-02-22 02:16:21.048 X #5076 naInet Calling upload file response

2014-02-22 02:16:21.048 X #5076 naInet Opening file  C:\ProgramData\McAfee\Common Framework\Unpack\pkg00130375033492660000_4197050973.spkg callback

2014-02-22 02:16:21.048 X #5076 naInet Opening file  C:\ProgramData\McAfee\Common Framework\Unpack\pkg00130375034124430000_222444627.spkg callback

2014-02-22 02:16:21.049 X #5076 naInet Content length is 1153

2014-02-22 02:16:21.049 X #5076 naInet Set all curl options

2014-02-22 02:16:21.050 X #5076 naInet url is https://DE3001:443/spipe/pkg?AgentGuid={75CD8735-B9A3-4724-AD21-63FE60CE53EE}&Source=Agent_3.0.0

2014-02-22 02:16:21.055 X #5076 curl 043db848 info 47 About to connect() to DEFRAV3001 port 443 (#0)`0a

2014-02-22 02:16:21.055 X #5076 curl 043db848 info 25   Trying 80.xx.xxx.xxx ( Public  dns  )..

2014-02-22 02:16:21.070 X #5076 curl 043db848 info 10 connected`0a

2014-02-22 02:16:21.070 X #5076 curl 043db848 info 53 Connected to DEFr  (80.xx.xx.xx.x) port 443 (#0)`0a      (here  trying  to  connect  to  the  agent  handler)

2014-02-22 02:16:21.071 X #5076 curl 043db848 info 29 Connecting ssl blocking mode`0a