This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Public RMS cannot get certificate

Sophos Endpoint Public RMS cannot get certificate 
we're using Public ip address that is nat'd to private ip address, we've changed some configuration based on this KB methode 2 https://community.sophos.com/kb/en-us/50832
the ssl connection is trying to connect to private ip of SEC (192.168.12.80) using port 51285 (i don't know what port is this) , anyone know how to solve this ? 

see the following log : 
02.09.2019 17:19:52 0960 T C:\Program Files\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::Done
02.09.2019 17:19:52 0960 I C:\Program Files\Sophos\Remote Management System\RouterNT.exe|Getting a new router certificate...
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|Getting the parent message router object using IOR
IOR:010000002600000049444c3a536f70686f734d6573736167696e672f4d657373616765526f757465723a312e300000000100000000000000a4000000010102000e0000003139322e3136382e31322e38300054c84100000014010f004e5550000000210000000001000000526f6f74504f4100526f7574657250657273697374656e740003000000010000004d657373616765526f7574657200000003000000000000000800000001009702004f4154010000001800000001009702010001000100000001000105090101000000000014000000080000000100a600860055c8
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Stub::base_profiles, acquired profile lock this = 0x16fef48
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|Getting the certification object...
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|ACE (5604|2400) - SCG:<ctor=0197F430> - config=01872828 repo=01872888 superceded by repo=01872888
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Invocation_Adapter::invoke_i, making a TAO_CS_REMOTE_STRATEGY invocation
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|ACE (5604|2400) DSB::instance, repo=01872888, name=TAO_ORB_Core_Static_Resources type=0187BDB8 => 0187C060
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO_SSLIOP (5604|2400) - Connector::connect, looking for SSLIOP connection.
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) Initializing SSLIOP_Endpoint
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - TAO_LF_CH_Event[0]::state_changed_i, state LFS_IDLE->LFS_CONNECTION_WAIT
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - SSLIOP_Connector::ssliop_connect, making a new connection
02.09.2019 17:19:52 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport_Cache_Manager_T::fill_set_i, current_size = 0, cache_maximum = 10
02.09.2019 17:19:52 0960 I C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport_Cache_Manager_T::purge, Cache size after purging is [0]
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - TAO_LF_CH_Event[24044520]::state_changed_i, state LFS_CONNECTION_WAIT->LFS_CONNECTION_CLOSED
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport[24044520]::purge_entry, entry is 00000000
02.09.2019 17:20:13 0960 E C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - SSL connection to <192.168.12.80:51285:51285> failed (errno: connection timed out)
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport[24044520]::~Transport
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport[24044520]::cleanup_queue_i, cleaning up complete queue
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport[24044520]::cleanup_queue_i, discarded 0 messages, 0 bytes.
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Stub::next_profile_retry, acquired profile lock this = 0x16fef48
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|ACE (5604|2400) SCG:<dtor=0197F430> - new repo=01872888
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|ACE (5604|2400) - SCG:<ctor=0197E8A8> - config=01872828 repo=01872888 superceded by repo=01872888
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Invocation_Adapter::invoke_i, making a TAO_CS_REMOTE_STRATEGY invocation
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|ACE (5604|2400) DSB::instance, repo=01872888, name=TAO_ORB_Core_Static_Resources type=0187BDB8 => 0187C060
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO_SSLIOP (5604|2400) - Connector::connect, looking for SSLIOP connection.
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - SSLIOP_Connector::ssliop_connect, making a new connection
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport_Cache_Manager_T::fill_set_i, current_size = 0, cache_maximum = 10
02.09.2019 17:20:13 0960 I C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - Transport_Cache_Manager_T::purge, Cache size after purging is [0]
02.09.2019 17:20:13 0960 D C:\Program Files\Sophos\Remote Management System\RouterNT.exe|TAO (5604|2400) - TAO_LF_CH_Event[0]::state_changed_i, state LFS_IDLE->LFS_CONNECTION_WAIT



This thread was automatically locked due to age.
Parents
  • Not that this is your problem, but it could be.

    I have found that doing a copy/paste of the extra syntax (specifically the "-ORBDottedDecimal 0" parameter) didn't work, but if i typed it in manually it did work for me.  Something with the infamous dash character such as what happens when you put in a dash in MS Word vs typing it into Notepad.

Reply
  • Not that this is your problem, but it could be.

    I have found that doing a copy/paste of the extra syntax (specifically the "-ORBDottedDecimal 0" parameter) didn't work, but if i typed it in manually it did work for me.  Something with the infamous dash character such as what happens when you put in a dash in MS Word vs typing it into Notepad.

Children
No Data