This content has been marked as final. Show 6 replies
Not too familiar with EPO myself, having only just taken over management of it where I work, but that sounds like you need to configure your proxy server to allow access via HTTP from the internal (EPO) server to the NAI site. The FTP issue might be related to a timeout on the FTP protocol, since the FTP connection can be established but the download never completes. This could point to traffic shaping on FTP, connection limits or download size being reached for FTP during a specific period or an issue related to link saturation.
Since you used to bypass the firewall, I would guess that no-one has ever bothered to set up the necessary ACL\policy entries to facilitate HTTP access from the EPO Server outbound. Any decent firewall admin nowadays configures the firewall only to route HTTP/HTTPS/FTP connections out via their proxy architecture by default, with exceptions for machines that access web servers that won't allow a proxified connection configured in the firewall ruleset.
You'll need to check the proxy settings in your browser and the ones set in EPO itself and make sure they match. If not, you can set EPO to override the IE proxy settings if required, so make sure you get them from your network/security bods and try and do a pull. If they are asking you for information, they probably only need the IP address/name of the EPO server and the URL of the sites it is accessing (NAI's HTTP site)
I have had issues with pulling updates from McAfee's server also. It usually is successful on the next pull. Have you tried to connect to their servers with a FTP client and do your own 'pull' (to a different directory) to see if it completes?
To Zebulebu: I checked the IE proxy settings as well the ones in ePo since the proxy server that I was using is no longer available, they are both set to not use any proxy servers.
We have physically 2 separate networks, 1 network has only one entry level firewall, the other has 2 firewalls in a cluster and those are more advanced. The thing is that at one time the entry level firewall didn't allow the ePo server in that network to communicate, the network admin configured something (he claims he doesn't remember) and now that server connects without problems. The advanced firewalls don't even allow windows update to connect.
To drhodes: I've tried some 10 consecutive repository pulls without success. I did connect to the FTP server using IE and browsed some folders but I didn't download anything, I will with a client tomorrow.
Thanks for your replies, not having the virus definitions updated is getting on my nerves :D.null
remember that you can always check in the DAT by hand if needed.
When I do a Http and it fails witht he following error: "DATE: Failed to download file catalog.z from site update.nai.com:80, error code 403"
=> Error 403 means "Access forbidden" so your firewall has blocked this traffic
When I try to do a repository pull using FTP it reaches 25% and fails with the following error: "Date: Failed to download file Current\PATCHMP1000\Templates\0000\Ptchscan.scp.zi p from site ftp.nai.com:21, error code 2 ( The system cannot find the specified file. )
I second the proxy config. Make sure it is going out the proxy if your company enforces proxy throughout your network. It is in the Configure Proxy Settings in the repository section.