Scripting installation

Hi, for years we have been using the Enduser Protection. Since a week we've changed to Intercept X via Sophos Central. I checked the page they are suggesting about installations: https://support.sophos.com/support/s/article/KB-000034831?language=en_US

I'm trying to set up a GPO like in this page, but it seems that it doesn't install because the old one is still present. Can I add the uninstallation part in the script, and won't this pose any problem as I thought you need to restart before you can install the new one. Or am I  missing something?

Jo

Parents
  • Hi, no I don't get any prompt for credentials. Concerning the proxy I need to check, but normally we should have a direct connection.

  • Hi

    Could you please Open a web browser and enter the following three addresses into the address box. If a successful connection is made you will see the message "it works - authed", "Connection Successful" or "it works".

    • dci.sophosupd.com
    • d1.sophosupd.com
    • d2.sophosupd.com

    Please check this article for the initial checks while using the Sophos Central Migration tool. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Support Videos | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

     

  • Hope Jo doesn't mind me posting my results but all 3 sites give results as per below for d2:

    Sophos d2 Site - hosted on Akamai

    Connection Successful

    The 'reason for error' column does not seem to contain specific error message reported.

  • Hi

    Could you please under c:\windows\temp for the logs as mentioned here and see if you get any specific error. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Support Videos | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

     

  • Sorry if excessive post but grateful for assistance.

    Most of the time log only shows:

    [Begin]
    2020-11-18T10:30:18.461Z [1] WARN  AppViewModel.IsLaunchable Sophos Central Migration Tool is unable to start. Unable to connect to Sophos Central.

    Do you want to view knowledgebase article 122503 for more information?
    2020-11-18T10:30:18.711Z [1] ERROR App.App_OnStartup Initialize failed. Reason: Sophos Central Migration Tool is unable to start. Unable to connect to Sophos Central.

    Do you want to view knowledgebase article 122503 for more information?

    But found one occasion this morning when I got this:


    2020-11-18T10:31:18.082Z [5] INFO  RulesDownloader.RequestSucceeded Migration rules request succeeded.
    2020-11-18T10:31:18.940Z [5] WARN  HttpHelper.LogExceptionAndGetStatus Cloud to SEC feature mapping request failed with status: SendFailure. Details: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       --- End of inner exception stack trace ---
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
       at System.Net.TlsStream.CallProcessAuthentication(Object state)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
       at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.ConnectStream.WriteHeaders(Boolean async)
       --- End of inner exception stack trace ---

    Server stack trace:
       at System.Net.HttpWebRequest.GetResponse()
       at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
       at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase)
       at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData& msgData)
       at System.Func`1.EndInvoke(IAsyncResult result)
       at Sophos.CloudMigration.Cloud.HttpHelper.GetCancellableResponse(HttpWebRequest request, CancellationToken token)
       at Sophos.CloudMigration.Cloud.FeaturesDataDownloader.GetFeatureMappings(ISessionHandler sessionHandler, String featureMappingsPath)
    2020-11-18T10:31:18.940Z [5] ERROR HttpHelper.DoOperationAndRetryIfTooManyRequests Central API call exception: Central API call failed. Status: CannotConnect
    2020-11-18T10:31:18.940Z [5] ERROR MigrationCoordinator.UpdateAvailableCloudFeatures Failed to update available Central features list. Endpoint migration ability may not be accurate or up-to-date.
    2020-11-18T10:32:03.939Z [1] INFO  App.App_OnStartup Shutting down...
    2020-11-18T10:32:04.039Z [1] INFO  App.App_OnExit On exit has been called...
    2020-11-18T10:32:06.084Z [5] INFO  Background.Continuation Background task was successfully cancelled.
    2020-11-18T10:32:06.084Z [8] INFO  Background.Continuation Background task was successfully cancelled.
    2020-11-18T10:32:06.113Z [4] INFO  Background.Continuation Background task was successfully cancelled.
    [End]

  • hmm, either there is an exception in the local stack or you are getting rst from the server. Can you do a wireshark and see what traffic you are getting back from the server. If the data is getting out and you get data back with a RST packet - we need to see why.

    Are you running this on the SEC server?

    RichardP

    Snr. New Product Introduction Engineer | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • Same issue here, also on a Server W2k8R2 excatly same logs. connection-test to all host was sucessfully. Server is running the SEC. Server is a VMWare Machine.

Reply Children
No Data