This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Could not contact server" error

We are evaluating Sophos ESDP and will purchase it if it works as needed. Our network is a win2k8 domain. On all of the systems that I've deployed the Endpoint security and control client from Enterprise Console they are getting the 'Could not contact server' error message when it tries updating so the client is disabled. I've deployed it to XP, wink3, win2k8, win2k8 r2, vista, and win7 and none worked. One of the win2k8 r2 server didn't work then about a day later it started updating and working on it's own. Nothing was changed on that system from the time it wasn't working until it did work.  I saw a knowledgebase article about adding the local SophosSAU*0 user to the local 'User's group. I did that and it still doesn't work. That is not an acceptable answer in the first place since the whole point of a centrally managed system is that we should NEVER have to touch the client/workstation. It should all be done centrally from  Enterprise Console, group  policy and/or System Center. If I ever have to touch the workstations to make this work and maintain except on the rarest of occasions then your product is a no go. I've also turned off the firewalls to test and it's still not working. Speaking of firewalls, what ports does the system use to communicate that need to be opened.

Thanks,

Patrick

:68


This thread was automatically locked due to age.
  • Hi Patrick,

    what you are describing sounds a bit strange :-) (sorry for that).

    So first of all - the Remote Management System communication should work over ports 8192,8193 and 8194. Those ports are not used for any part of the updating process. As far as i am aware of you need to open those ports if you're using a Win2k8 server with the windows firewall being enabled (default).

    The updating is done via the default windows file sharing. So if any part of your firewall configuration is blocking windows file sharing the updating will fail.

    Another thing is the user account which has been defined in your update policy.

    Are you using the default settings or are you using a self created account within your policy?

     If that's the case check the password in there or check if you forgot to put the domain name in front of your account (if you're using a domain account and the CID is located on a member server forgetting the domain might lead to the point that AutoUpdate is trying to authenticate as a local account - which in this case is not existing).

    Putting the SophosSAU account into the local user group in my opinion is just some kind of troubleshooting. This account by default does not belong to any group - the only thing you have to whatch out is that you're not using restricted groups within your domain group policies - or if you're doing so (and you've restricted the users group) don't forget to put the "Authenticated Users" into the Users group (which at least is Microsoft default for the local Users group on your client). 

    One thing you can test is to install Sophos Anti-Virus manually by starting the setup.exe from your SAVSCFXP share. Put in a user account which definitely has access to your share (don't forget to put the domain in front of your account). The initial update should work now. If the update is failing after the Enterprise Console Updating policy has been applied then your error lies in the Updating policy - check your account and/or your subscription.

    It's also a good to check the error message which is displayed in the AutoUpdate log. If the above mentioned way do not help it would be nice to know what errors are in this log.

    So a lo tof stuff to do but hopefully it helps.

    (Please excuse my english - i'm not a native speaker :smileyhappy: if anything is unclear please feel free to ask)

    :75
  • Dear Sophos Experts...

    Currently my comapny using Sophos end point security 9.0, Some PC of the Company cant make update and said "could connect to the server",After investigate i found PC was disconnected from domain.( Cant manage PC throw the domain)..

    Then i start Background intelligance transfer service and Remote Procedure call service, and run virus scan to remove conficker warm.. Now PC is ok and Can manage Throw the domain,.. But still i cant perform update. Still same error comes. Please help me to solve the problem.. When after new installtion of sophos it;s ok...Please help me solve this...

    :83
  • I had the same in my environment, but only with machines that were not part of my domain.  It turned out that my web filter was blocking access to the update download site.  Once I made the exception in my filter, things worked just fine.

    One more thing you may want to do is check your Hosts file and make sure there are not any entries that may be blocking access. 

    Hope this helps.

    :91
  • Dear Patric,

    What i can suggest is in the updating policy change the username and password. Create one dedicated account for sophos auto update and use the same account in the updating policy.  After changing the credentials in the updating policy, you have to make sure that your clients has taken the policy.  Also you have to make sure that your subscribed package is downloaded and CID is updated.  Also you have to make sure that the below services are running.

    1. Computer Browser Service

    2. Workstation and Server Service

    3. Remote Registry Service

    4. Task Scheduler serveice.

    If this doesnt works go to c:\programfiles\sophos\Autoupdate in a client machine and open cache folder and delete the contents of the folder and check whether clients could able to connect to server or not. 

    If still you have the same problem please provide me the update log files.  please feel free to get back to me i will try to help you out in resolving this issue.

    Regards,

    Ramki.

    :113
  • Hi Dhanushka,

    Can you check whether computer browser, workstation and server services are started or not? Because if your network infected with conficker virus by default computer browser service will be stopped it results in failing updates.  Also check whether the credentials you have used are working.

    Rgds,

    Ramki.

    :114
  • I'm having a similar problem.

    A previous network engineer has installed Sophos onto our mail server which works fine. Now that I come to install Sophos onto a windows 7 machine I find that it can't connect to the server for updating.

    Upon further inspection I found that there was no SophosSAU*0 account. I added one for my machine name but still no joy.

    Should Sophos have created this account automatically, and if not - what could be the cause.

    Also if it didn't create the account and I simply made one in the same group as the working account - should it now work.

    Is it likely that I'm looking in completely the wrong place for solutions?

    :290
  • it seems I also can't update from my home network...

    :302
  • Oliver, In regards to your home network, have you verified that you are using the proper credentials? I had that isuse where I had input my Download username and password, instead of my EM credentials.
    :303
  • Hi Oliver,

    We should probably have different threads for these issues, but...

    Note.  If the SophosSAU*0 account was missing, you should remove Sophos AutoUpdate, and reinstall from the setup.  This is created on installation and generates a random password, which is stored in the registry.  Creating a new account will not work.  So I would fix this first.

    When dealing with "could not contact server", you need to know where its updating from and which exact part is failing (or all).

    Can you tell us your primary/secondary server details ? (without username/passwords)

    If you update from work & home, its likely you will have a network locate (\\server\share\..) address as Primary and Sophos as secondary, is this the setup ?

    Once you know this, check the update log

    - SAV 7 - Right click shield, Configure updating, Logging [tab], View log file

    - SAV 9 - Right click shield,Open Sophos Endpoint..., View update log

    Now there are two stages, the update stage and the installation stage.

    Could not contact server is going to be the download stage, but is it all components (SAVXP, RMS, SAU), or just one ?

    If it is failing accessing a CID (UNC) path, this should give a valid windows errors code, and you can work from there.

    e.g. 1326 = unknown username or bad password.

    If it is updating from Sophos only (http), then this will be a little harder to troubleshoot.

    Let us know what you find :)

    OD

    :304
  • Thats the same error message that I received when I install the SEC4 and when it prompt me to enter the UN and PW it tells me that error.

    Here's the exact message

    Could not contact the server. Check that the details are correct, and that theres no a problem with the network.

    What I did first is to ping any website - Yes it can, still the same error message

    Tried to use Proxy - The error message was change "Timeout"

    I tried to uninstall only the console still Could not contact the server

    To resolve the problem

    Check the internet options- uncheck the Proxy there possible is that you are using a proxy for you to block downloading

    Because you can try to surf the net and ping any website but cannot get the subscription.


    And that's resolve my problem.

    :403