This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos System Protection Service generates Fatal error in Windows Logs

Hi

I have problem that on some Computers in Event viewer are many Errors that sounds like: "A fatal alert was received from the remote endpoint. the TLS protocol defined fatal alert code is 40." Source Schannel Event ID 36887.

I have read this community.sophos.com/.../schannel-errors-with-the-new-10-6-3-version but there was only solution to edit host file and add to hosts file 127.0.0.1 4.sophosxl.net. Maybe now other solution is.

Waiting for answer...



This thread was automatically locked due to age.
  • Hello Mantas Lenza,

    alert 40 Indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. So SSP and the SXL server can't agree on the parameters. Checked on a Windows 7 running 10.6.4 (yes, the Preview 10.6.4) and it uses TLSv1.2. It's easy to monitor the (failed) handshake with Wireshark. This might give a hint to the underlying cause. Which Windows version (for Sophos I assume 10.6.3) is on the endpoints having these issues?

    Christian

  • Hello Christian,

    Thanks for your answer... In my case, the solution was to configure firewall access to this *.sophosxl.net