4 Replies Latest reply on Dec 2, 2009 11:04 AM by swissnic

    ePO 4.5 cannot talk to agents.

      I have ePO 4.5 on win2k3 and 5 xpsp2 machines to test with. 4 have agent 4.0 and 1 has agent 4.5b.

      I can 'collect and send props' without issue. I can not perform "agent wakeup" I get:

      9/17/09 10:15:53 AM Waking up agent at IP address 157.62.125.30
      9/17/09 10:15:53 AM Error while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
      9/17/09 10:15:53 AM Wakeup agent failed


      The machine at that IP has no firewall services enabled. I get the same messages for all other machines.

      I can't find a policy that blocks agent to server http response, what am i missing?

      Thanks for any help you may offer.
        • 1. RE: ePO 4.5 cannot talk to agents.
          I have all firewalls off, no ACL's between subnets, and I can telnet to the client over the 8081 port... still no joy.

          I can wake up agents on the same subnet. What technologies is ePO expecting to have in place in order for these calls to work?

          20090925075322 E #0940 NAIMSRV Failed to read spipe http response, err=-14
          20090925075322 E #0940 NAIMSRV Server failed to wake up {ip address removed}, detailed error = -14
          • 2. Re: RE: ePO 4.5 cannot talk to agents.

            I have a similar issue.  We have a number of test environments - one running EPO 4.0 and one running 4.5.

             

            Everything works perfectly in 4.0.  Same build, software and agents in 4.5 system - and have the same/similar problem to above.

             

            EPO 4.5 sync's with AD and finds a new host.  It pushes out and installs agent.  At this point, I can issue a wake-up call from EPO to Agent.  Agent downloads policies and tasks successfully.  Agent installs VSE87 correctly.  Agent downloads and installs latest AV engine and sig files.

             

            Now if I try to issue a wake-up command, it fails with the following:

             

            Starting agent wakeup for ZD02D1DOMV002
            12/2/09 1:42:03 PMWaking up agent ZD02D1DOMV002.zd02.local using DNS name
            12/2/09 1:42:03 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:03 PMWaking up agent ZD02D1DOMV002 using NetBIOS
            12/2/09 1:42:03 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:03 PMWaking up agent at IP address 10.28.72.31
            12/2/09 1:42:03 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:03 PMWakeup agent failed
            12/2/09 1:42:43 PMWaking up agent ZD02D1DOMV002.zd02.local using DNS name
            12/2/09 1:42:43 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:43 PMWaking up agent ZD02D1DOMV002 using NetBIOS
            12/2/09 1:42:43 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:43 PMWaking up agent at IP address 10.28.72.31
            12/2/09 1:42:43 PMError while reading TCP/IP response from remote system, possible firewall or agent policy blocking agent to server HTTP response
            12/2/09 1:42:43 PMWakeup agent failed

             

            This system is on a single switch / single VLAN and on the same sub-net.  No host or network firewalls enabled.

             

            I cannot open http://localhost:8081 on the Agent machine to view logs, but I can access the Agent Status, and manually push and pull...

             

            If the same version of agent is deployed by EPO4.0, http://localhost:8081 works...

             

            Any ideas?

             

            Cheers Nic.

            • 3. Re: RE: ePO 4.5 cannot talk to agents.
              RMCCULLO

              There is a Critical issue with the VSE 8.7 Patch 2 repost Exension that removes the default agent exclutions for the ASCI Ports. This caused the VSE AP to block the agent ports. From the logs you submitted it appears you may have this issue.

               

              So first go to the McAfee Download page and get the newly posted VSE 8.7 Extension. Please see KB67452 for more information.

               

              Also I dont beleive this is caused because of ePO 4.5 and MA. Its going to be a policy issue with VSE or your Windows firewall that is blocking the ports that the agent use.

              • 4. Re: RE: ePO 4.5 cannot talk to agents.

                Thanks for this Ryan - that makes sense!

                 

                We dont have any firewalls running, and Windows Firewall is disabled via GPO from the Active Directory...  (and I have confirmed this manually! ;o)

                 

                VirusScan Enterprise 8.7 extensions version 8.7.0.151 are currently installed on the EPO 4.5 server

                VirusScan Enterprise 8.7 extensions version 8.7.0.141 are currently installed on the EPO 4.0 server

                 

                I don't have access to the internet from the Test Lab, but I have asked for the newest extensions to be downloaded.  Does the versions above confirm or contradict your theory?

                 

                Thanks for your help by the way - a nice end to a dull day!

                 

                Cheers, Nic.