cancel
Showing results for 
Search instead for 
Did you mean: 

ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

I upgraded our ePO to ver 4.5 with Agent to Server secure port assigned to 443. We disabled it in ePO while we got it changed as per KB66929. After making the required changes I still find the port to be showing up to be 443 when I try to enable the port. Any suggestions on what can be tried next.

1 Solution

Accepted Solutions
McAfee Employee spamidi
McAfee Employee
Report Inappropriate Content
Message 7 of 11

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Please check if apache is listening on the changed port - 8043 via a Netstat command. (netstat -abn ). If the port change was successful, then it should no longer be listening on port 443 - and the UI showing it may be an anomaly

10 Replies

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Have you looked at this KB

https://kc.mcafee.com/corporate/index?page=content&id=KB67605

This article explains how to change the ePolicy Orchestrator (ePO) 4.5 Agent-to-Server communication "secure" port.

To see steps on how to change the ePO 4.5.0 Agent-to-Server communication port, see KB67605.

The Agent-to-Server communication  "secure" port is a new feature for ePO 4.5. On a new ePO 4.5 installation, users can modify the default port value of 443 for the Agent-to-Server communication  "secure" port. Current functionality does not allow modification of this port via the user interface after the product has been installed. When you upgrade from ePO 4.0 to ePO 4.5 RTW, the installer does not list the Agent-to-Server communication  "secure" port so the upgrade will complete using the default 443 value. If you later need to change the port number, follow the Solution in this article.

Only McAfee Agent 4.5 and later can use the secure communication port provided with ePO 4.5. All managed systems with McAfee Agent 4.5 will be affected by this port change, unless the feature has been disabled in the Server Settings on the ePO server. With this feature enabled (the default), you must modify the port setting on each McAfee Agent 4.5 client restart the McAfee Framework Service (manually or via script). Alternatively, you can re-deploy McAfee Agent 4.5 to all affected systems.

NOTE: There is no automatic port validation for this procedure. You must ensure that the selected port is not already in use.

Message was edited by: allamiro on 3/16/11 9:04:36 PM CDT

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Thanks Allamiro.. The KB you provided is for Agent to server communication while I'm facing difficultiies in modifying the Agent to Server secure communication port.

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Hi

McAfee People can confirm this but I think this is kinda look like the  default settings for ePO 4.5  server communication and it wont change meaning  if you disable it then you can use the new modified port  .

Message was edited by: allamiro on 3/18/11 2:08:32 PM CDT
McAfee Employee hem
McAfee Employee
Report Inappropriate Content
Message 5 of 11

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Yes, correct.

Please look at the snap of KB#:KB66929.

In the screenshot, I don't see that you have modified the new port into the DB under ServerInfo table.

Probably, you would have missed to attach the screenshot.

------

Only McAfee Agent 4.5 and later can use the secure communication port provided with ePO 4.5. All managed systems with McAfee Agent 4.5 will be affected by this port change, unless the feature has been disabled in the Server Settings on the ePO server. With this feature enabled (the default), you must modify the port setting on each McAfee Agent 4.5 client restart the McAfee Framework Service (manually or via script). Alternatively, you can re-deploy McAfee Agent 4.5 to all affected systems.

on 19/3/11 9:33:42 AM IST
Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?please select Accept as Solution in my reply and together we can help other members?

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Thanks Hem . As per the KB, running the following SQL command was the first thing we performed before we made modifications to the entry in the httpd.conf and ssl.conf files.

Update ePO4_USTLSSWA057.dbo.EPOServerInfo

Set ServerHttpsPort = 8043

McAfee Employee spamidi
McAfee Employee
Report Inappropriate Content
Message 7 of 11

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Please check if apache is listening on the changed port - 8043 via a Netstat command. (netstat -abn ). If the port change was successful, then it should no longer be listening on port 443 - and the UI showing it may be an anomaly

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Thanks Sailendra, 8043 is not showing up when i ran netstat. Do we need to restart the SQL services when we execute the above SQL command? Or can we check in SQL server management studio if the above command has made a change to the port in DB?

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 9 of 11

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Hi...

You shouldn't need to restart the SQL services, no. You can check the value in the db by running the following query against the ePO db from management studio:

select serverhttpsport from eposerverinfo

This should return 8043... is that correct?

HTH -

Joe

(PS - quick update - it's definitely this entry that control what is displayed in the config page, so I'm guessing it's not set correctly...)

Message was edited by: JoeBidgood on 21/03/11 10:14:27 GMT
Highlighted

Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

Jump to solution

Thanks Joe, I ran the query and found that the port was not changed properly as it was showing up as 443. I reran the query again with the brackets around the database name and modified the port. Since then i see port 8043 showing up when i try to enable the Secure port.

Thanks all for your support.

port8043.JPG

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community