Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 51586 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configure message relay in ver 5.2.2

PBJ_Family

I am having trouble configuring a message relay in ver 5.2.2.  I followed the instructions here:

http://www.sophos.com/en-us/support/knowledgebase/14635.aspx

It does not list ver 5.2 on that page but I cannot find any instructions anywhere that do.

The issue I have is that according to the video on that page, the ConnectionCache registry value is supposed to be 20512 to indicate that the machine has converted to a message relay.  The value is 10.

Everything else seems to indicate that it worked, although currently I have no endpoints setup to use that relay yet.  But on the relay machine itself I see that the mrinit.conf located in C:\Program Files (x86)\Sophos\Remote Management System is the one I modified and does list itself as the "ParentRouterAddress".  I understand this is how you would confirm that an endpoint had pulled its configuration from this machine.

:56262


This thread was automatically locked due to age.
Parents
  • 0

    HI Christian

    Thanks again for the follow up.  The connection cache reg key was the only point I was stuck on since that was the only indicator that I knew of to check for conversion to a relay.  The info you gave me would seem to further confirm that it is not a relay.  The Router-yyyymmdd-hhmmss.logs on MainServer show RelayServer talking to it but it looks no different than any other endpoint.  Specifically it does not look like origin=Router$RelayServer:nnnnn.Router$SomeEndpoint:mmmmm.Agent it looks like origin=Router$RelayServer:9002.Agent without appearing to be routing any of the other endpoints through it.  On RelayServer itself however I do in fact see the same logs indicating that the endpoints in that site are contacting RelayServer itself.  So it looks like the other endpoints have the configuration to talk to RelayServer but RelayServer itself is not sorting out that it needs to be a relay.  The last clue is the ReportData.xml file on RelayServer which you mentioned; it lists RMS router type as endpoint.  This same XML file lists Router$RelayServer:9002 under 'RMS router name '. 

    The reg value for HostIPToParent is not an IP address.  It has a hex value which of course means nothing to me and a decimal value of 3232264199.  So I have no clue what that is indicating.

    What method would you recommend for demoting and re-promoting?  Can I move RelayServer to a different group on MainServer and then update policies?  Or should I reprotect it after having done that?

    I have 4 total physical sites and each of the remote sites is going to get one of these update/relay servers.  Today I was going to start building another one in another site so I will soon be able to tell if this is an anomoly or if the problem will happen again on another machine.

    All of these server are running Server 2012 R2 if that makes any difference.

    Any chance clientmrinit.exe can be run manually?

    :56283
Reply
  • 0

    HI Christian

    Thanks again for the follow up.  The connection cache reg key was the only point I was stuck on since that was the only indicator that I knew of to check for conversion to a relay.  The info you gave me would seem to further confirm that it is not a relay.  The Router-yyyymmdd-hhmmss.logs on MainServer show RelayServer talking to it but it looks no different than any other endpoint.  Specifically it does not look like origin=Router$RelayServer:nnnnn.Router$SomeEndpoint:mmmmm.Agent it looks like origin=Router$RelayServer:9002.Agent without appearing to be routing any of the other endpoints through it.  On RelayServer itself however I do in fact see the same logs indicating that the endpoints in that site are contacting RelayServer itself.  So it looks like the other endpoints have the configuration to talk to RelayServer but RelayServer itself is not sorting out that it needs to be a relay.  The last clue is the ReportData.xml file on RelayServer which you mentioned; it lists RMS router type as endpoint.  This same XML file lists Router$RelayServer:9002 under 'RMS router name '. 

    The reg value for HostIPToParent is not an IP address.  It has a hex value which of course means nothing to me and a decimal value of 3232264199.  So I have no clue what that is indicating.

    What method would you recommend for demoting and re-promoting?  Can I move RelayServer to a different group on MainServer and then update policies?  Or should I reprotect it after having done that?

    I have 4 total physical sites and each of the remote sites is going to get one of these update/relay servers.  Today I was going to start building another one in another site so I will soon be able to tell if this is an anomoly or if the problem will happen again on another machine.

    All of these server are running Server 2012 R2 if that makes any difference.

    Any chance clientmrinit.exe can be run manually?

    :56283
Children
No Data
Unfiltered HTML