This content has been marked as final. Show 10 replies
You are not authorized to view this page
I am having the same problem. Have you found a solution to this problem?
I also noticed that I am not able to deploy the agent either.
So in the policy catalog, under Product McAfee Agent > General > My Default
tick the Enable remote access to log.
That policy is configured already, and it is allowed to access the log remotely.
One of the affected machines had a duplicate GUID, and after we removed the GUID-registry value (AND the MacAddress value) the machine started to communicate after a few days, and i can access the logs remotely.
Another possibility i encountered is under reporting->queries there's a standard querie that searches the DB for duplicate systems, anyone encountering this problem could try that one, cuz duplicate entries cause a lot of troubles too...
The problems with the other machines that are affected bij this problem weren't solved by this action, but i'm going to reinstall those, and hope for the best.
I'm trying to close my case with McAfee about this problem, as i'm not really willing to keep on searching for the problem itself, and thus i hope reinstalling the affected systems will solve all my problems grin
I received this error when windows firewall is on and there are no rules for port 8081 on client pcs (i use this port in my case).
I'm encountering this issue of access denied on 3 servers now (Srv2003 SP2). They don't run any kind of firewall, access is not even possible locally and reinstalling doesn't change anything at all, event after a full scrub of any previous McAfee trace.
In addition, these systems with this problem also fail to perform the engine and dat update after a fresh installation and patching.
If any one has another solution/suggestion, it would be welcome.
Try going to the webpage on port 8082 instead of 8081.
Its possible that 8081 is used for something else.
And confirm the agents have a unique GUID (no cloned machines etc.).
Removing the proper reg-keys for this one, and rebooting will generate a new GUID.
If this doesn't help, i would try to uninstall the agent, and reinstall...
There is a differance between getting a 403 and a firewall problem. If the firewall is dropping your connection you won't even get a 403.
Be aware that reinstalling the agent when the GUID is duplicate solves nothing. You have to delete the AgentGUID key from registry to get it working again. I have lots of duplicated GUID because of system reinstalls and images used by the tech suport of certain deparments.
To determine the real cause you should check your agent log in <users dir>\All Users\Application Data\McAfee\Framework\DB\<hostname.log>
The actual path depends on where it is Vista or XP and whether you upgraded from a 3.6 install or not. The above is just to give you an idea where to look.
It's all cryptic. I've looked at the agent logs and here's a sample of it content:
Agent Subsystem 5/22/2009 9:57:18 AM Info Next policy enforcement in 5 minutes
Agent Subsystem 5/22/2009 9:57:18 AM Info Agent finished Enforcing policies
Management 5/22/2009 9:57:18 AM Info Enforcing Policies for McAfee Agent
Management 5/22/2009 9:57:18 AM Info Enforcing Policies for EPOAGENT3000
Management 5/22/2009 9:57:18 AM Info Enforcing Policies for EPOAGENT3000META
Management 5/22/2009 9:57:18 AM Info Enforcing Policies for VIRUSCAN8600
Agent Subsystem 5/22/2009 9:57:18 AM Info Agent Started Enforcing policies
Agent Monitor 5/22/2009 9:57:18 AM Detail Enforcing policies
Agent Subsystem 5/22/2009 9:57:07 AM Error Structured Exception caught: Function CAgentWork::PerformASCI(), exception code 0xc0000096, address 0x7c365550
Agent Subsystem 5/22/2009 9:57:07 AM Info Agent started performing ASCI
Agent Monitor 5/22/2009 9:57:07 AM Detail Collecting Properties
Agent Monitor 5/22/2009 9:57:02 AM Detail Sending Events...
Agent Subsystem 5/22/2009 9:56:54 AM Info Agent started performing ASCI
Agent Subsystem 5/22/2009 9:52:44 AM Info Next policy enforcement in 5 minutes
Agent Subsystem 5/22/2009 9:52:44 AM Info Agent finished Enforcing policies
Management 5/22/2009 9:52:44 AM Info Enforcing Policies for McAfee Agent
Management 5/22/2009 9:52:44 AM Info Enforcing Policies for EPOAGENT3000
Management 5/22/2009 9:52:44 AM Info Enforcing Policies for EPOAGENT3000META
Management 5/22/2009 9:52:44 AM Info Enforcing Policies for VIRUSCAN8600
Agent Subsystem 5/22/2009 9:52:44 AM Info Agent Started Enforcing policies
Agent Subsystem 5/22/2009 9:52:03 AM Error Structured Exception caught: Function CAgentWork::PerformASCI(), exception code 0xc0000096, address 0x7c365550
Agent Subsystem 5/22/2009 9:52:02 AM Info Agent started performing ASCI
Agent Monitor 5/22/2009 9:52:02 AM Detail Collecting Properties
Agent Monitor 5/22/2009 9:51:59 AM Info Agent service is running
Any time an agent-to-server communication it attempted, an error is recorded. Also, the DAT/Engine won't update. No details in that update log. It just says update failed on the console and no errors in the log.
I've scratched all traces of McAfee on each of those systems affected and the result remains the same after a full reinstall. I used the McAfee batch job for the manual clean to get all of it out. This usually fixes all issues, but not this one. And these internal servers aren't running any firewall at all.
I also tried a different port, but no luck either. Not sure where to go from here...
Thanks for any help.
Did you erase the registry keys as well? As stated above, a reinstall doesn't change the GUID.