cancel
Showing results for 
Search instead for 
Did you mean: 
avilt
Level 7
Report Inappropriate Content
Message 1 of 6

Relay server discovery Excessive 8083 UDP Traffic

I have setup ePO with agent 4.8 on Windows for White-listing deployment.

I am seeing excessive UDP 8083 traffic on firewall which is listed as denial of service.

What is this service all about? Can it be disabled or fine tuned not to send excessive traffic floods?

5 Replies
Reliable Contributor tao
Reliable Contributor
Report Inappropriate Content
Message 2 of 6

Re: Relay server discovery Excessive 8083 UDP Traffic

8083 UDP: Relay server discovery for version 4.8 agents - When a McAfee Agent fails to connect to the McAfee ePO server, it broadcasts a message to discover any McAfee Agent with relay capability in its network. Each RelayServer responds to the message and the McAfee Agent establishes a connection with the first RelayServer to respond.

McAfee Corporate KB - kb66797

avilt
Level 7
Report Inappropriate Content
Message 3 of 6

Re: Relay server discovery Excessive 8083 UDP Traffic

I have not set any Relay server, Is it enabled by default for the client to send boradcast to discover Relay Server?

I beleive this can be set from Agent General policy, deselect  Enable Relay Communication.

Also is it necessary to have a proper name resolution (DNS) for the client to communicate to ePO server?

Reliable Contributor tao
Reliable Contributor
Report Inappropriate Content
Message 4 of 6

Re: Relay server discovery Excessive 8083 UDP Traffic

"Is it enabled by default for the client to send boradcast to discover Relay Server?" - I don't believe so; this seems to be an option that needs manual configuration.

" Agent General policy, deselect  Enable Relay Communication." - Correct

"...necessary to have a proper name resolution (DNS) for the client to communicate to ePO server?" - Review order under Server Settings <> Agent Contact Method; since the agent will be using FQDN in some sort of order it would be better to have a FQDN name for your ePO server and systems then not to have one. IPs tend to change, so communicating by FQDN should increase the success rate of pushing policies, tasks, updates so on... to the precise system verse relying on the reported IP. 

Reliable Contributor tao
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: Relay server discovery Excessive 8083 UDP Traffic

If this has been answered then mark it - it will assist others when they search the forum

avilt
Level 7
Report Inappropriate Content
Message 6 of 6

Re: Relay server discovery Excessive 8083 UDP Traffic

Still under investigation.