7 Replies Latest reply on Nov 5, 2009 11:40 AM by CIPHENT.com

    McAfee Foundation Services at ePO 4.5 login screen

      I have recently upgraded from ePO 4.0 to ePO 4.5. I installed 4.5 over the existing 4.0 application. The installation was sucessfully, but now when I attempt to access the ePO login page, I similar logon box appears with McAfee Foundation Services across the top. I attempt to logon with every user account that existed in the ePO 4.0 application, even the admin credentials used during the installation, but none work. I cannot log into my ePO 4.5 server and my agents are no longer able to reach it.

       

      I am using port 443 as my console-to-application server port and port 80 for agent-to-server communication. I had to manually change the agent-to-server secure commucation port that is installed with ePO 4.5 for the default of 443 to 8445 using KB66929. Once this change was made, and I tried to access the server page, the McAfee Foundation Services logon screen appeared.

       

      So, currently I can't login in my ePO server. I have tried to manually enter a different password, MD5 hash, into the database table. I was still unable to login. Can someone help me with this issue. I have attached the error from the Orion.log file that is occuring when I attempt to login.

       

       

      2009-11-04 09:16:06,951 INFO  [Thread-1] http11.Http11BaseProtocol  - Pausing Coyote HTTP/1.1 on http-443
      2009-11-04 09:16:06,966 INFO  [Thread-1] http11.Http11BaseProtocol  - Pausing Coyote HTTP/1.1 on http-8443
      2009-11-04 09:16:06,966 INFO  [Thread-1] http11.Http11BaseProtocol  - Pausing Coyote HTTP/1.1 on http-8445
      2009-11-04 09:16:07,967 INFO  [Thread-1] core.StandardService  - Stopping service Catalina
      2009-11-04 09:16:14,092 INFO  [Thread-1] http11.Http11BaseProtocol  - Stopping Coyote HTTP/1.1 on http-443
      2009-11-04 09:16:14,092 INFO  [Thread-1] http11.Http11BaseProtocol  - Stopping Coyote HTTP/1.1 on http-8443
      2009-11-04 09:16:14,092 WARN  [Thread-1] connector.MapperListener  - Error unregistering MBeanServerDelegate
      java.lang.NullPointerException
      at org.apache.catalina.connector.MapperListener.destroy(MapperListener.java:162)
      at org.apache.catalina.connector.Connector.stop(Connector.java:1138)
      at org.apache.catalina.core.StandardService.stop(StandardService.java:519)
      at org.apache.catalina.core.StandardServer.stop(StandardServer.java:734)
      at org.apache.catalina.startup.Catalina.stop(Catalina.java:602)
      at org.apache.catalina.startup.Catalina.start(Catalina.java:577)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
      2009-11-04 09:16:14,092 INFO  [Thread-1] http11.Http11BaseProtocol  - Stopping Coyote HTTP/1.1 on http-8445
      2009-11-04 09:17:52,347 INFO  [Thread-1] core.StandardService  - Starting service Catalina
      2009-11-04 09:17:52,347 INFO  [Thread-1] core.StandardEngine  - Starting Servlet Engine: Apache Tomcat/5.5.27
      2009-11-04 09:17:52,362 INFO  [Thread-1] core.StandardHost  - XML validation disabled
      2009-11-04 09:18:10,098 INFO  [Thread-1] http11.Http11BaseProtocol  - Starting Coyote HTTP/1.1 on http-443
      2009-11-04 09:18:10,379 INFO  [Thread-1] http11.Http11BaseProtocol  - Starting Coyote HTTP/1.1 on http-8443
      2009-11-04 09:18:12,160 ERROR [Thread-1] http11.Http11BaseProtocol  - Error starting endpoint
      java.net.BindException: Address already in use: JVM_Bind:8445
      at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:29 8)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:3 13)
      at org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:151)
      at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:76)
      at org.apache.catalina.connector.Connector.start(Connector.java:1090)
      at org.apache.catalina.core.StandardService.start(StandardService.java:457)
      at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
      at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
      2009-11-04 09:18:12,160 ERROR [Thread-1] startup.Catalina  - Catalina.start:
      LifecycleException:  service.getName(): "Catalina";  Protocol handler start failed: java.net.BindException: Address already in use: JVM_Bind:8445
      at org.apache.catalina.connector.Connector.start(Connector.java:1097)
      at org.apache.catalina.core.StandardService.start(StandardService.java:457)
      at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
      at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
      at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
      2009-11-04 09:18:12,160 INFO  [Thread-1] startup.Catalina  - Server startup in 20579 ms

        • 1. Re: McAfee Foundation Services at ePO 4.5 login screen
          GWIRT

          2009-11-04 09:18:10,379 INFO  [Thread-1] http11.Http11BaseProtocol  - Starting Coyote HTTP/1.1 on http-8443

          2009-11-04 09:18:12,160 ERROR [Thread-1] http11.Http11BaseProtocol  - Error starting endpoint

          java.net.BindException: Address already in use: JVM_Bind:8445 at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:29 8)

           

           

          This message indicated that Tomcat can't bind to 8445. You can try stopping all the ePO services and run the following on the ePO server to see if that port is still in use:

           

          netstat -ano | find "8445"

           

          If an entry is returned, there's the problem, you will need to find out what process is associated with the PID from the output and work out the conflict. Either change the port ePO is using or the port the app is using.

           

          Hope that helps.

          1 of 1 people found this helpful
          • 2. Re: McAfee Foundation Services at ePO 4.5 login screen

            Thank you for the suggestion, but no it didn't help. With the ePO services stopped, I ran the netstat command and nothing returned. So, that confirmed that no other application, other than ePO, is using port 8445.

             

            I also ran this same command against port 443, and confirm that only ePO is untilizing that port. 

             

            Any other suggestions?

            • 3. Re: McAfee Foundation Services at ePO 4.5 login screen
              GWIRT

              Unfortunately this may be a bigger problem that what can be addressed on these forums. I would suggest opening a ticket with McAfee Support to further troubleshoot this issue.

              • 4. Re: McAfee Foundation Services at ePO 4.5 login screen
                RMCCULLO

                Can you attach a copy of the httpd.conf?

                Most likely you missed a step in the KB.

                • 5. Re: McAfee Foundation Services at ePO 4.5 login screen

                  Thanks for all the help. I contacted Support, and going by the log, they suggested manual changing the Agent-to-Server Sercure communcation port again. Even though a netstat command confirmed that only ePO was using that port, changing the port from 8445 to 8080 worked. I can access the console and my upgrade appears to have been sucessful.

                   

                  This is great progess, but its not a permanant fix. I need the port to be 8445. I believe the issue has something to do with the translation of ports in ePO4.0 to ePO4.5, or understanding of those ports. In my configuration:

                  ePO4.0       

                  Agent to Server Communcation port                    80 

                  Agent Wakeup Communcation port                     591

                  Agent Broadcast Communcation port                  8082

                  Event Parser to Application Server Comm Port     8445

                  Console to Application Sever Comm port             443  

                  Sensor to Server Communication Port                 8443

                   

                  ePO4.5

                  Agent to Server Communcation port                    80

                  Agent to Server Secure Comm port                     8080(needs to be 8445)

                  Agent Wakeup Communcation port                    591

                  Agent Broadcast Communcation port                  8082

                  Console to Application Sever Comm port             443

                  Client to Server Authenticated Comm port           8443

                   

                  So, with the Agent-to-Server Secure Port configured to be 8445, can someone explain to me why I was having that issue. Where the conflict was occuring?                                     

                   

                   

                  Message was edited by: aaron.baker on 11/5/09 7:32 AM
                  • 6. Re: McAfee Foundation Services at ePO 4.5 login screen
                    GWIRT

                    ePO 4.5 doesn't utilize the Event Parser-to-Application Server port anymore so I am curious what could be listening on port 8445. With the changes you have made currently, if you run a netstat, is there still something listening on port 8445? Is it tomcat? If it is, there is probably something misconfigured in the server.xml.

                     

                    Also, if you go through the steps again and change the port back to 8445, does the same problem reoccur?

                    1 of 1 people found this helpful
                    • 7. Re: McAfee Foundation Services at ePO 4.5 login screen

                      Ok, here's the answer. When you initially did the upgrade, you couldn't access the the ePO webpage due to a port conflict between the console-to-application server port and the agent-to-server secure communication port, both using 443. You changed the agent-to-server secure comm port from 443 to 8445, which made the McAfee Foundation Services login screen appear when trying to access the ePO webpage and you couldn't login. This is also due to a port conflict. By default, ePO 4.5 uses port 8445 as the event parser-to-server communication port. So, when you changed the agent-to-server secure comm port to 8080, everything worked as it should. 

                       

                      Unfortunately, the event parser-to-server comm port is only configurable during the fresh installation of ePO 4.0 and 4.5. There are currently no easy config changes for modifying that port, and in the ePO 4.5 console, that port isn't even listed as a server port, Menu|Configuration|Server Settings click Ports. This should explain everything.

                       

                      Team Ciphent