After entering the username and password in the Source tab of the Sophos Update Manager (SUM) in the Sophos Enterprise Console (SEC), the following error message is received:
Timeout while attempting to connect to the specified address. There may be a problem with the network. Would you like to use these source details anyway?
There are a number of causes why this update issue occurs. This knowledge base article describes the steps to check all of these known causes and how to resolve it.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Update Manager
The Sophos Update Manager (SUM) server uses port 80 (HTTP) and port 443 (HTTPS after SUM version 1.7.0). It requires access to the following addresses:
Note: CRL/OCSP sites of globalsign & digicert are correct as of September 2018, but are subject to change due to future update of these infrastructures.
A successful connection shows the message Sophos dci Site - hosted on Akamai Connection Successful or just Sophos dci Site Connection Successful. If this is the case, proceed to checking the SUM credentials.
Sophos dci Site - hosted on Akamai Connection Successful
Sophos dci Site Connection Successful
On the other hand, if the connection fails, it is most likely caused by either the firewall (including Windows Server 2008 software firewall) or the proxy that blocks the process EnterpriseConsole.exe or the connection. To resolve this connection problem, do the following on the Sophos Management server (and other SUM servers, if any):
Note: The list of the IP addresses from the provided Amazon link changes from time to time. It is recommended to check the Amazon link and to perform regular ping tests against the DNS names listed above. This is to determine if you need to allow additional IP addresses. For more information on how to interpret JSON data, see this article. Refer to your firewall or proxy documentation for the steps on how to allow DNS names or IP addresses/ranges
From SUM 1.7.0, updates are performed using HTTPS and the Windows OS requires access to the globalsign.com and digicert.com addresses. The following are a number of areas to check:
If the same issue is still being experienced after restarting the Sophos Update Manager (SUM) server, gather and submit the SDU log.
There may be a different reason why the SUM server fails to connect. To further investigate on this issue:
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.