3 Replies Latest reply on Aug 25, 2009 3:54 AM by petr.bohac

    ePO 4.0 Agent on Server 2008 cannot communicate on port 82

      We have a Server 2008 box in our DMZ that the agent cannot communicate via port 82 to our central ePO server. We have many servers in the DMZ and the firewall rules are inplace for server to agent communication.

      But despite this we have this 2008 server (windows firewall disabled) that connot communicate via port 82 to our ePO server.

      Any suggestions?

      This a section of the agent log.

      START cmdline="C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe" /ServiceStart
      2009-08-24 13:44:56 I #2376 FrmSvc ServiceStart
      2009-08-24 13:44:56 I #2376 FrmSvc Running
      2009-08-24 13:44:56 I #3168 FrmSvc Starting Subsystem <Logging>
      2009-08-24 13:44:56 x #3168 Logging Subsystem started
      2009-08-24 13:44:56 I #3168 FrmSvc Starting Subsystem <User Space Controller>
      2009-08-24 13:44:56 I #3168 FrmSvc Starting Subsystem <Management>
      2009-08-24 13:44:56 I #2556 Manage Mangement plugin watch worker thread started
      2009-08-24 13:44:57 x #3168 Manage Subsystem started
      2009-08-24 13:44:57 I #3168 FrmSvc Starting Subsystem <Updater>
      2009-08-24 13:44:57 I #3168 updsubs Starting updater subsystem
      2009-08-24 13:44:57 i #3168 Updater Subsystem started
      2009-08-24 13:44:57 I #3168 FrmSvc Starting Subsystem <Scheduler>
      2009-08-24 13:44:57 I #3168 Sched >>--CSchedule::Start
      2009-08-24 13:44:57 I #3168 Sched Glbs.szMyPlatform: WVSTS:6:0:1
      2009-08-24 13:44:57 I #3168 Sched All the tasks are successfully loaded from the file
      2009-08-24 13:44:57 i #3168 Sched Scheduler is now running
      2009-08-24 13:44:57 I #3168 Sched <<--CSchedule::Start
      2009-08-24 13:44:57 I #3168 FrmSvc Starting Subsystem <Agent>
      2009-08-24 13:44:57 I #3168 Agent Subsystem starting...
      2009-08-24 13:44:57 I #3168 SpiPkgr Specifying spipe 5.0 support in key package
      2009-08-24 13:44:57 I #3168 CSecPkg Found request secret key
      2009-08-24 13:44:57 I #3168 CSecPkg Request private key set successfully
      2009-08-24 13:44:57 I #2720 Agent Agent communication thread started
      2009-08-24 13:44:57 i #2884 Agent Agent will connect to Server in randomized 10 minutes interval
      2009-08-24 13:44:57 I #2388 Agent Agent event worker thread started
      2009-08-24 13:44:57 I #3988 Agent Agent Immediate Events worker thread started
      2009-08-24 13:44:57 I #3168 Agent Subsystem started
      2009-08-24 13:44:57 i #3064 Agent Next policy enforcement in 5 minutes
      2009-08-24 13:44:57 I #3168 FrmSvc Starting Subsystem <Listen Server>
      2009-08-24 13:44:57 I #3888 LstnSvr CAsyncSocket::StartListening (SOCK_STREAM) LISTENING... TRUE
      2009-08-24 13:44:57 x #3168 LstnSvr Subsystem started
      2009-08-24 13:44:57 I #2884 Agent Agent worker thread started
      2009-08-24 13:44:57 i #2884 Agent Agent will connect to Server in : 7 minutes and 36 seconds
      2009-08-24 13:44:57 I #3168 FrmSvc Starting Subsystem <Trusted Connection>
      2009-08-24 13:44:57 I #3168 TrstCon Start
      2009-08-24 13:44:57 I #3168 FrmSvc Service started
      2009-08-24 13:45:07 i #3064 Agent Agent Started Enforcing policies
      2009-08-24 13:45:07 I #3064 Agent Thread signal occurred
      2009-08-24 13:45:07 I #3064 Manage Enforcing policies
      2009-08-24 13:45:07 i #3064 Manage Compiling policies
      2009-08-24 13:45:07 i #3064 Manage Enforcing Policies for EPOAGENT3000META
      2009-08-24 13:45:07 I #3064 Manage CManage::EnforcePolicies() - No policies available for - "EPOAGENT3000META".
      2009-08-24 13:45:08 i #3064 Manage Enforcing Policies for EPOAGENT3000
      2009-08-24 13:45:08 I #3064 Manage CManage::EnforcePolicies() - No policies available for - "EPOAGENT3000".
      2009-08-24 13:45:08 i #3064 Manage Enforcing Policies for McAfee Agent
      2009-08-24 13:45:08 I #3064 Agent CePOAgent::EnforcePolicy priority=-2
      2009-08-24 13:45:08 I #3064 Agent Enforcing policies
      2009-08-24 13:45:08 I #3064 LstnSvr Enforcing Policies
      2009-08-24 13:45:08 I #3064 Logging Enforcing policies
      2009-08-24 13:45:08 I #3064 Manage Enforcing policies
      2009-08-24 13:45:08 I #3064 UsrSpCt Enforcing policies
      2009-08-24 13:45:08 I #3064 UsrSpCt Token not found. Will try to get it from shell
      2009-08-24 13:45:08 I #3064 UsrSpCt Found shell token
      2009-08-24 13:45:08 I #3064 FrmSvc User SID is S-1-5-21-786859928-2660458438-2208096826-1578 and SessionID is 2
      2009-08-24 13:45:08 I #3064 UsrSpCt Try to Launch UdaterUI Again
      2009-08-24 13:45:08 I #3064 UsrSpCt UpdaterUI won't be launched for Terminal Services client session (sessionID=2)
      2009-08-24 13:45:08 I #3064 Sched >>--CSchedule::EnforcePolicy
      2009-08-24 13:45:08 I #3064 Sched <<--CSchedule::EnforcePolicy
      2009-08-24 13:45:08 i #3064 Agent Agent finished Enforcing policies
      2009-08-24 13:45:08 i #3064 Agent Next policy enforcement in 5 minutes
      2009-08-24 13:50:08 i #3064 Agent Agent Started Enforcing policies
      2009-08-24 13:50:08 I #3064 Agent Thread time-out occurred
      2009-08-24 13:50:08 I #3064 Manage Enforcing policies
      2009-08-24 13:50:08 i #3064 Manage Enforcing Policies for EPOAGENT3000META
      2009-08-24 13:50:08 I #3064 Manage CManage::EnforcePolicies() - No policies available for - "EPOAGENT3000META".
      2009-08-24 13:50:08 i #3064 Manage Enforcing Policies for EPOAGENT3000
      2009-08-24 13:50:08 I #3064 Manage CManage::EnforcePolicies() - No policies available for - "EPOAGENT3000".
      2009-08-24 13:50:08 i #3064 Manage Enforcing Policies for McAfee Agent
      2009-08-24 13:50:08 I #3064 Agent CePOAgent::EnforcePolicy priority=-2
      2009-08-24 13:50:08 I #3064 Agent Enforcing policies
      2009-08-24 13:50:08 I #3064 LstnSvr Enforcing Policies
      2009-08-24 13:50:08 I #3064 Logging Enforcing policies
      2009-08-24 13:50:08 I #3064 Manage Enforcing policies
      2009-08-24 13:50:08 I #3064 UsrSpCt Enforcing policies
      2009-08-24 13:50:08 I #3064 UsrSpCt Token not found. Will try to get it from shell
      2009-08-24 13:50:08 I #3064 UsrSpCt Found shell token
      2009-08-24 13:50:08 I #3064 FrmSvc User SID is S-1-5-21-786859928-2660458438-2208096826-1578 and SessionID is 2
      2009-08-24 13:50:08 I #3064 UsrSpCt Try to Launch UdaterUI Again
      2009-08-24 13:50:08 I #3064 UsrSpCt UpdaterUI won't be launched for Terminal Services client session (sessionID=2)
      2009-08-24 13:50:08 I #3064 Sched >>--CSchedule::EnforcePolicy
      2009-08-24 13:50:08 I #3064 Sched <<--CSchedule::EnforcePolicy
      2009-08-24 13:50:08 i #3064 Agent Agent finished Enforcing policies
      2009-08-24 13:50:08 i #3064 Agent Next policy enforcement in 5 minutes
      2009-08-24 13:52:33 i #2884 Agent Agent started performing ASCI
      2009-08-24 13:52:33 I #2884 Agent CAgentWork::IsMacAddressComputerNameChanged priority=-2
      2009-08-24 13:52:33 i #2884 Agent Checking MAC address...
      2009-08-24 13:52:33 I #2884 Agent CAgentWork::GetMacAddressList priority=-2
      2009-08-24 13:52:33 I #2884 Agent CAgentWork::GetMacAddressList4NT GetIpAddrTable() reports: 2 ip addresses on the system (including the loopback address)
      2009-08-24 13:52:33 I #2884 Agent Checking IP address @ index: 0
      2009-08-24 13:52:33 I #2884 Agent szMacAddrList=002219B4CF56;szMacAddr=002219B4CF56;
      2009-08-24 13:52:33 I #2884 Agent Checking IP address @ index: 1
      2009-08-24 13:52:33 i #2884 Agent Checking Computer Name...
      2009-08-24 13:52:33 I #2884 Agent Collecting IP address using Internet Manager
      2009-08-24 13:52:33 I #2884 persite Cache file location = C:\ProgramData\McAfee\Common Framework\sitecache.bin
      2009-08-24 13:52:33 I #2884 persite IP address changed from to XXXXXXXX
      2009-08-24 13:52:33 I #2884 imsite Found site name=ePOSA_XXXXXXXXX
      2009-08-24 13:52:33 I #2884 imsite Found site name=ePOSA_XXXXXXXXX
      2009-08-24 13:52:33 I #2884 imsite Found site name=McAfeeFtp
      2009-08-24 13:52:33 I #2884 imsite Found site name=ePO_XXXXXXXXXX
      2009-08-24 13:52:33 I #2884 naInet HTTP Session initialized
      2009-08-24 13:52:33 I #2884 imsite Connecting to server: XXXXXXXXX on port: 82
      2009-08-24 13:52:54 I #2884 imsite Did not connect to Real Server: XXXXXXXX on port: 82
      2009-08-24 13:52:54 I #2884 imsite Connecting to server: XXXXXXXX on port: 82
      2009-08-24 13:53:15 I #2884 imsite Did not connect to Real Server: XXXXXXXX on port: 82
      2009-08-24 13:53:15 I #2884 imsite Connecting to server: XXXXXXXX on port: 82
      2009-08-24 13:53:36 I #2884 imsite Did not connect to Real Server: XXXXXXXX on port: 82
      2009-08-24 13:53:36 I #2884 naInet HTTP Session closed

      Thanks
      Steve
        • 1. RE: ePO 4.0 Agent on Server 2008 cannot communicate on port 82
          I believe you will find the answer here http://technet.microsoft.com/en-us/library/cc771032%28WS.10%29.aspx wink Simply, disable firewall via proper Group Policy settings or run netsh advfirewall set allprofiles state off
          • 2. RE: ePO 4.0 Agent on Server 2008 cannot communicate on port 82
            Ran the Netsh as suggested, reinstalled the agent manually (framepkg.exe /install-agent /forceinstall), but still no joy.

            2009-08-25 09:44:20 I #3772 FrmSvc Starting Subsystem <Trusted Connection>
            2009-08-25 09:44:20 I #3772 TrstCon Start
            2009-08-25 09:44:20 I #3772 FrmSvc Service started
            2009-08-25 09:44:20 I #1736 FrmSvc User SID is S-1-5-21-786859928-2660458438-2208096826-1578 and SessionID is 2
            2009-08-25 09:44:20 I #1736 Logging StartReadingMessages (\\.\mailslot\{76889C92-A0C0-46e3-A4E1-1D6A5439B8DD}00000714, 0x7f57, 4)
            2009-08-25 09:44:20 I #1736 Logging - using empty 0
            2009-08-25 09:45:02 i #3848 Agent Agent started performing ASCI
            2009-08-25 09:45:02 I #3848 Agent CAgentWork::IsMacAddressComputerNameChanged priority=-2
            2009-08-25 09:45:02 i #3848 Agent Checking MAC address...
            2009-08-25 09:45:02 I #3848 Agent CAgentWork::GetMacAddressList priority=-2
            2009-08-25 09:45:02 I #3848 Agent CAgentWork::GetMacAddressList4NT GetIpAddrTable() reports: 2 ip addresses on the system (including the loopback address)
            2009-08-25 09:45:02 I #3848 Agent Checking IP address @ index: 0
            2009-08-25 09:45:02 I #3848 Agent szMacAddrList=002219B4CF56;szMacAddr=002219B4CF56;
            2009-08-25 09:45:02 I #3848 Agent Checking IP address @ index: 1
            2009-08-25 09:45:02 i #3848 Agent Checking Computer Name...
            2009-08-25 09:45:02 I #3848 Agent Collecting IP address using Internet Manager
            2009-08-25 09:45:02 I #3848 persite Cache file location = C:\ProgramData\McAfee\Common Framework\sitecache.bin
            2009-08-25 09:45:02 I #3848 persite IP address changed from to XXXXXXXX
            2009-08-25 09:45:02 I #3848 imsite Found site name=ePO_XXXXXXXX
            2009-08-25 09:45:02 I #3848 imsite Found site name=ePOSA_XXXXXXXX
            2009-08-25 09:45:02 I #3848 imsite Found site name=ePOSA_XXXXXXXX
            2009-08-25 09:45:02 I #3848 imsite Found site name=McAfeeFtp
            2009-08-25 09:45:02 I #3848 naInet HTTP Session initialized
            2009-08-25 09:45:02 I #3848 imsite Connecting to server: XXXXXXXX on port: 82
            2009-08-25 09:45:24 I #3848 imsite Did not connect to Real Server: XXXXXXXX on port: 82
            2009-08-25 09:45:24 I #3848 imsite Connecting to server: XXXXXXXX on port: 82
            2009-08-25 09:45:45 I #3848 imsite Did not connect to Real Server: XXXXXXXX on port: 82
            2009-08-25 09:45:45 I #3848 imsite Connecting to server: XXXXXXXX on port: 82
            2009-08-25 09:46:06 I #3848 imsite Did not connect to Real Server: XXXXXXXX on port: 82
            2009-08-25 09:46:06 I #3848 naInet HTTP Session closed
            2009-08-25 09:46:06 I #3848 Agent Agent is sending properties version to the ePO Server
            2009-08-25 09:46:06 I #3332 Agent Started processing a package..
            2009-08-25 09:46:06 I #3332 Agent Preparing Props Version Package
            2009-08-25 09:46:06 I #3332 Agent Bad IP address data in the registry
            2009-08-25 09:46:06 I #3332 Agent Agent communication failed, result=-2147467259
            • 3. RE: ePO 4.0 Agent on Server 2008 cannot communicate on port 82
              Did you enable fw service before running netsh command? Coz fw service has to be running, do not disable it. The firewall service significantly changed over the 2003 one.

              What about telnet to 82 port? Or any other services running on your network ... (mail etc.)