1 2 Previous Next 10 Replies Latest reply on Mar 22, 2011 8:41 AM by JoeBidgood

    ePO 4.5: Agent-to-Server Communication Secure Port issue

    svarghese

      I upgraded our ePO to ver 4.5 with Agent to Server secure port assigned to 443. We disabled it in ePO while we got it changed as per KB66929. After making the required changes I still find the port to be showing up to be 443 when I try to enable the port. Any suggestions on what can be tried next.

        • 1. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

          Have you looked at this KB

           

          https://kc.mcafee.com/corporate/index?page=content&id=KB67605

           

          This article explains how to change the ePolicy Orchestrator (ePO) 4.5 Agent-to-Server communication "secure" port.

           

          To see steps on how to change the ePO 4.5.0 Agent-to-Server communication port, see KB67605.

           

           

          The Agent-to-Server communication  "secure" port is a new feature for ePO 4.5. On a new ePO 4.5 installation, users can modify the default port value of 443 for the Agent-to-Server communication  "secure" port. Current functionality does not allow modification of this port via the user interface after the product has been installed. When you upgrade from ePO 4.0 to ePO 4.5 RTW, the installer does not list the Agent-to-Server communication  "secure" port so the upgrade will complete using the default 443 value. If you later need to change the port number, follow the Solution in this article.

           

          Only McAfee Agent 4.5 and later can use the secure communication port provided with ePO 4.5. All managed systems with McAfee Agent 4.5 will be affected by this port change, unless the feature has been disabled in the Server Settings on the ePO server. With this feature enabled (the default), you must modify the port setting on each McAfee Agent 4.5 client restart the McAfee Framework Service (manually or via script). Alternatively, you can re-deploy McAfee Agent 4.5 to all affected systems.

           

          NOTE: There is no automatic port validation for this procedure. You must ensure that the selected port is not already in use.

           

          Message was edited by: allamiro on 3/16/11 9:04:36 PM CDT
          • 2. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
            svarghese

            Thanks Allamiro.. The KB you provided is for Agent to server communication while I'm facing difficultiies in modifying the Agent to Server secure communication port.

            • 3. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue

              Hi

               

              McAfee People can confirm this but I think this is kinda look like the  default settings for ePO 4.5  server communication and it wont change meaning  if you disable it then you can use the new modified port  .

               

              Message was edited by: allamiro on 3/18/11 2:08:32 PM CDT
              • 4. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                hem

                Yes, correct.

                 

                Please look at the snap of KB#:KB66929.

                 

                In the screenshot, I don't see that you have modified the new port into the DB under ServerInfo table.

                 

                Probably, you would have missed to attach the screenshot.

                 

                ------

                 

                Only McAfee Agent 4.5 and later can use the secure communication port provided with ePO 4.5. All managed systems with McAfee Agent 4.5 will be affected by this port change, unless the feature has been disabled in the Server Settings on the ePO server. With this feature enabled (the default), you must modify the port setting on each McAfee Agent 4.5 client restart the McAfee Framework Service (manually or via script). Alternatively, you can re-deploy McAfee Agent 4.5 to all affected systems.

                 

                 

                 

                on 19/3/11 9:33:42 AM IST
                • 5. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                  svarghese

                  Thanks Hem . As per the KB, running the following SQL command was the first thing we performed before we made modifications to the entry in the httpd.conf and ssl.conf files.

                   

                  Update ePO4_USTLSSWA057.dbo.EPOServerInfo

                  Set ServerHttpsPort = 8043

                  • 6. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                    Sailendra Pamidi

                    Please check if apache is listening on the changed port - 8043 via a Netstat command. (netstat -abn ). If the port change was successful, then it should no longer be listening on port 443 - and the UI showing it may be an anomaly

                    • 7. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                      svarghese

                      Thanks Sailendra, 8043 is not showing up when i ran netstat. Do we need to restart the SQL services when we execute the above SQL command? Or can we check in SQL server management studio if the above command has made a change to the port in DB?

                      • 8. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                        JoeBidgood

                        Hi...

                         

                        You shouldn't need to restart the SQL services, no. You can check the value in the db by running the following query against the ePO db from management studio:

                         

                        select serverhttpsport from eposerverinfo

                         

                        This should return 8043... is that correct?

                         

                        HTH -

                         

                        Joe

                         

                         

                        (PS - quick update - it's definitely this entry that control what is displayed in the config page, so I'm guessing it's not set correctly...)

                         

                        Message was edited by: JoeBidgood on 21/03/11 10:14:27 GMT
                        1 of 1 people found this helpful
                        • 9. Re: ePO 4.5: Agent-to-Server Communication Secure Port issue
                          svarghese

                          Thanks Joe, I ran the query and found that the port was not changed properly as it was showing up as 443. I reran the query again with the brackets around the database name and modified the port. Since then i see port 8043 showing up when i try to enable the Secure port.

                           

                          Thanks all for your support.

                           

                          port8043.JPG

                          1 2 Previous Next