Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 51589 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configure message relay in ver 5.2.2

PBJ_Family

I am having trouble configuring a message relay in ver 5.2.2.  I followed the instructions here:

http://www.sophos.com/en-us/support/knowledgebase/14635.aspx

It does not list ver 5.2 on that page but I cannot find any instructions anywhere that do.

The issue I have is that according to the video on that page, the ConnectionCache registry value is supposed to be 20512 to indicate that the machine has converted to a message relay.  The value is 10.

Everything else seems to indicate that it worked, although currently I have no endpoints setup to use that relay yet.  But on the relay machine itself I see that the mrinit.conf located in C:\Program Files (x86)\Sophos\Remote Management System is the one I modified and does list itself as the "ParentRouterAddress".  I understand this is how you would confirm that an endpoint had pulled its configuration from this machine.

:56262


This thread was automatically locked due to age.
Parents
  • 0

    Hello PBJ_Family,

    it hasn't converted itself to a relay

    is it "just" the ConnectionCache value which isn't as expected? If there are already endpoints which are supposed to use the relay it should be rather easy to determine that it basically works:

    • the endpoints appear in the console
    • in the Router-yyyymmdd-hhmmss.logs on the management server appear lines containing origin=Router$RelayServer:nnnnn.Router$SomeEndpoint:mmmmm.Agent
    • in the router logs on the relay you see apparent traffic from/to the endpoints

    If you open the file ReportData.xml in %ProgramData%\Sophos\Remote Management System\3\Router\NetworkReport\ with a browser the last item is RMS router type.

    I've never seen that the ConnectionCache value hasn't changed but then you don't install relays in vast numbers. I see an additional value HostIPToParent which obviously holds the "parent(i.e. management server)-facing" IP. 

    I'd try to "demote" the relay by instructing it to update from the main CID (if this is possible) watching for changes (registry and NetworkReport) and then re-promote it by redirecting it to the correct CID.

    Christian

    :56281
Reply
  • 0

    Hello PBJ_Family,

    it hasn't converted itself to a relay

    is it "just" the ConnectionCache value which isn't as expected? If there are already endpoints which are supposed to use the relay it should be rather easy to determine that it basically works:

    • the endpoints appear in the console
    • in the Router-yyyymmdd-hhmmss.logs on the management server appear lines containing origin=Router$RelayServer:nnnnn.Router$SomeEndpoint:mmmmm.Agent
    • in the router logs on the relay you see apparent traffic from/to the endpoints

    If you open the file ReportData.xml in %ProgramData%\Sophos\Remote Management System\3\Router\NetworkReport\ with a browser the last item is RMS router type.

    I've never seen that the ConnectionCache value hasn't changed but then you don't install relays in vast numbers. I see an additional value HostIPToParent which obviously holds the "parent(i.e. management server)-facing" IP. 

    I'd try to "demote" the relay by instructing it to update from the main CID (if this is possible) watching for changes (registry and NetworkReport) and then re-promote it by redirecting it to the correct CID.

    Christian

    :56281
Children
No Data
Unfiltered HTML