Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Subscribers 4 subscribers
  • Views 6421 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central for linux install from cache server

ecompo

Hi,

I have been wondering if Sophos Central linux install script has option like windows/mac installer does to install from an existing cache server ?

 

Unfortunately KB https://community.sophos.com/kb/en-us/127045 only contains info regarding windows and mac.

 

It'd be great if linux installation can utilize cache server.

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Unfortunately, there is no option available for installation from an update cache for Linux computers. Internet connectivity is required for initial installation. The installer will automatically check connectivity to any update caches set up in your Central account and install from them if appropriate. Linux computers can use relay or cache for updating(provided Linux distributions are supported by Sophos Anti-Virus for Linux). Kindly refer to this to assign them manually for updating from the cache server. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to Shweta

    Hi

    Shweta said:

    Hi  

    Unfortunately, there is no option available for installation from an update cache for Linux computers. Internet connectivity is required for initial installation. The installer will automatically check connectivity to any update caches set up in your Central account and install from them if appropriate. Linux computers can use relay or cache for updating(provided Linux distributions are supported by Sophos Anti-Virus for Linux). Kindly refer to this to assign them manually for updating from the cache server. 

     

     

    So given those environments where Linux systems have no internet connectivity would be impossible to install Sophos Central for linux?

    It's not uncommon to see an environment that contains a mix of Windows and Linux servers and has no internet connectivity but according to your answer only Windows can successfully install Sophos Central from an existing cache server. 

    I know this would be a deal breaker for some of the prospective customers.

  • +1 in reply to ecompo

    Hi all,

    A few corrections for this thread:

    We do support Update Cache and Message Relay for Linux Servers, it works slightly differently than for Windows and Mac. 

    The installer that you download for Linux includes details of the Update Cache/Message Relay servers that are setup at the time you download the installer. You can then run the installer, it will assess if an available Update Cache or Message Relay can be used. You cannot pass command line options, and they are not needed.

    Note the supported platforms here: https://community.sophos.com/kb/en-us/122577#What%20are%20the%20prerequisites%20for%20an%20Update%20Cache?

    Please let me know if you have any more questions.

    Regards,

    Stephen

  • 0 in reply to StephenMcKay

    StephenMcKay said:

    Hi all,

    A few corrections for this thread:

    We do support Update Cache and Message Relay for Linux Servers, it works slightly differently than for Windows and Mac. 

    The installer that you download for Linux includes details of the Update Cache/Message Relay servers that are setup at the time you download the installer. You can then run the installer, it will assess if an available Update Cache or Message Relay can be used. You cannot pass command line options, and they are not needed.

    Note the supported platforms here: https://community.sophos.com/kb/en-us/122577#What%20are%20the%20prerequisites%20for%20an%20Update%20Cache?

    Please let me know if you have any more questions.

    Regards,

    Stephen

     

    For those late to the thread, in order to ensure successful installation for linux boxes that don't have internet connectivity, make sure to use the install script that's downloaded after Message Relay has been enabled.

  • 0 in reply to StephenMcKay

    Hello,

    I followed the steps like you mentioned and after setting up the Cache and Message Relay server i downloaded the linux script and ran it. It is able to identify the Cache and Message Relay fine but afterwards it tries to Download the "Medium Installer" and for that it is contacting Sophos Central via the Relay and it is failing

     

    Downloading medium installer
    Checking we can connect to Sophos Central (at mcs-cloudstation-us-east-2.prod.hydra.sophos.com/.../ep via wsisblinuxavc01:8190)...
    Failed to connect to Sophos Central at mcs-cloudstation-us-east-2.prod.hydra.sophos.com/.../ep (cURL error is [Couldn't resolve proxy name]). Please check your firewall rules.

     

    Now my Cache/Relay server uses HTTP Proxy to access the internet via browser. Will this setup work in this scenario?

    I checked the message relay file httpd and runnin_httpd and they have proxy address entered.

     

    Can you guide as to what is the issue here?

  • 0 in reply to Omer AhmedKhan

    Hello,

    Please can you advise, did you download the installer or copy and run the script?

    Regards,

    Stephen

  • 0 in reply to StephenMcKay

    Hello Stephen,

    I did download the package after setting up Cache and Relay. I was however able to resolve the issue. It was a dns resolution problem. My Cache/ Delay server was not part of the domain so there was no DNS entry and the Linux install script had the Hostname of the Cache/Relay server added so i manually edited the host file of my Linux machine and everything went smoothly.

    Thanks you again for your earlier post which covered everything to the point.

  • 0 in reply to Omer AhmedKhan

    Thank you for the follow up. The clients receive the hostnames of the configured Cache/Relay servers and resolve them to their IP; hence your issue. When the client couldn't resolve the hostname to an IP it was falling back to use Sophos directly.  

    Glad it is now working.

    Regards,

    Stephen

Reply
  • 0 in reply to Omer AhmedKhan

    Thank you for the follow up. The clients receive the hostnames of the configured Cache/Relay servers and resolve them to their IP; hence your issue. When the client couldn't resolve the hostname to an IP it was falling back to use Sophos directly.  

    Glad it is now working.

    Regards,

    Stephen

Children
No Data
Unfiltered HTML