6 Replies Latest reply on Dec 15, 2009 6:56 AM by marek_g

    Cannot update Master Repository

      Hi all,

       

      I've just installed ePO 4.5 on Windows Server 2008 along with MS SQL Server Express 2008; the new ePO seems to be working good, but it just cannot download any updates from McAfee; the error is:

       

      "Failed to download file Current\VIRUSCAN8700\LangPack\0000\Vse0401.chm from site update.nai.com:80, error code 10054 ( An existing connection was forcibly closed by the remote host. )".

       

      Does anybody have any idea what can cause this problem?

      Thanks.

        • 1. Re: Cannot update Master Repository
          Sailendra Pamidi

          Hi Marek,

            Can you try to pull using the McAfee FTP site? This will help isolate if the issue is something on the McAfee server side. Also, please check if you have any proxy/firewall blocking the files from downloading.

           

          try opening the link: http://update.nai.com:80/Product/CommonUpdater/ from the ePO server system and manually attempt to download the file from IE (you will need to drill down in the folder structure).

           

          If the error persists, please collect the following and open a case with McAfee support:

           

          Enable debug level 8 Log on the ePO server

           

          HKLM\Software\Network Associates\ePolicy Orchestrator\LogLevel (DWORD) = 8

           

          Increase Log size to 10MB

           

          HKLM\Software\Network Associates\ePolicy Orchestrator\LogSize (DWORD) = a

           

          Perform a Pull from McAfee HTTP and followed by McAfee FTP.

           

          Use the nslookup command to return the IP addresses for:
          ftp.nai.com
          update.nai.com 


          Collect information using Ping
          Click Start, Run, type CMD and click OK.
          Type the following command and press ENTER:

          update.mcafee.com

          The following type of reply should display:

          Reply from 63.147.175.37: bytes=32 time=158ms TTL=45
          Reply from 63.147.175.37: bytes=32 time=157ms TTL=45
          Reply from 63.147.175.37: bytes=32 time=161ms TTL=45
          Reply from 63.147.175.37: bytes=32 time=158ms TTL=45
           
          Take a screenshot of the command window or, using your mouse, select all the text in the screen.
          Right-click anywhere in command windows menu bar and click Edit, Copy.
          Open Notepad, right-click anywhere in the document and click Paste.
          Save the document as PING.TXT.

          Step 7 - Collect information using Tracert
          Click Start, Run, type CMD, then click OK.
          Type the following command and press ENTER:

          TRACERT update.mcafee.com

          The following type of reply should be displayed:

          Tracing route to a1368.g.akamai.net [63.147.175.37] over a maximum of 30 hops:

          1 <1 ms <1 ms <1 ms 161.69.133.251
          2 <1 ms <1 ms <1 ms aylrt1.corp.nai.org [161.69.135.249]
          3 3 ms 4 ms 3 ms 10.191.246.45
          4 9 ms 9 ms 8 ms 10.191.246.14
          5 11 ms 11 ms 11 ms slodcpubfw1.corp.nai.org [161.69.128.10]
          6 14 ms 12 ms 17 ms 62.189.112.140
          7 * * * Request timed out.
           
          Take a screenshot of the command window or, using your mouse, select all the text in the screen.
          Right-click anywhere in command windows menu bar and click Edit, Copy.
          Open Notepad, right-click anywhere in the document and click Paste.
          Save the document as TRACERT.TXT.

          Step 8 - Collect information using IPCONFIG /ALL
          Take a screenshot of output to the command window or, using your mouse, select all the text in the screen.
          Right-click anywhere in command windows menu bar and click Edit, Copy.
          Open Notepad, right-click anywhere in the document and click Paste.
          Save the document as IPCONFIGALL .TXT.

           

          Regards

          Sailendra

          • 2. Re: Cannot update Master Repository

            Thank you for your reply.

            I've just found out that Cisco firewall is blocking the traffic from my ePO server when it tries to download the updates because it's being detected as a dangerous traffic...

            It's strange because the old server which was upgraded from version 4 to 4.5 is working properly and it's not generating any alerts on the firewall.

            I probably will have to install ePO v. 3.6 or 4.0 and then upgrade to 4.5, or maybe there is some other ways to get it fixed?

             

             

            Message was edited by: marek_g on 12/14/09 8:02:26 PM GMT+01:00
            • 3. Re: Cannot update Master Repository
              Sailendra Pamidi

              That is strange - I don't think it should make a difference whether you have upgraded from 4.0 or if it is a fresh install of 4.5. Reason being that it would be the same updates being pulled from the mcafee servers.

               

              Perhaps you can check what ip is in use for the one where it works  and put in the same ip for the source site on the failing one?

              • 4. Re: Cannot update Master Repository
                JoeBidgood

                Alternatively, if you're not worried about having the VSE compiled help files, you could simply edit your pull task so as not to pull the updates for VSE 8.5 and 8.7. Quick and dirty but it should work

                 

                Regards -

                 

                Joe

                1 of 1 people found this helpful
                • 5. Re: Cannot update Master Repository

                  Thanks Joe!

                  I've selected only DAT and Engine packages to be updated and now it's working.

                  Could you please tell me which package exactly should i deselect?

                  • 6. Re: Cannot update Master Repository
                    JoeBidgood

                    Under "Products, Patches and Service Packs" deselect VirusScan Enterprise 8.5.0 and 8.7.0 - that should do it.

                     

                    Regards -

                     

                    Joe