Remote endpoints not checking in

Hi

 

We have a few endpoints outside of the office. 

I've opened up ports 8192 and 8194 tcp on an external IP, forwarded those to the Sophos box and set up a public DNS and an internal DNS, both the same, both pointing to the Sophos box. 

I've edited MRINIT.CONF and then updated the packages using the packaging process from the KB. 

 

However, none of the external endpoints are checking in. I've checked that both ports are open and we get a response externally. 

 

One thing I have seen is that the MRINIT.CONF file on the remote endpoints shows the .local name of the Sophos server, not the FQDN. However, the correct settings are in the compressed savinst.exe file created by WinRAR during the packaging process. 

 

My guess is that I've missed a setting on the Sophos server, which the endpoints are then pulling when they first check in. 

 

I'm aware that we should have a box in the DMZ but for 2 machines (both on fixed IPs) I'm happy to suffer the slings and arrows of IP restricted port opening. 

 

Any ideas what I've missed?

 

Olly



  • Hello Olly,

    "in the compressed savinst.exe"

    This is your own build, not created with the Deployment Packager, is it? With what parameters do you call setup.exe?

    As to mrinit.conf: Its contents depend on the environment (fixed IP or DHCP, result of reverse lookup) of the SEC server at install time. Usually you get IPv4, IPv6, FQDN, NetBIOS. An endpoint first tries port 8192 on all available addresses/names in succession until it gets an IOR in return. This will contain one or more hostnames/IPs and port (we expect 8194) for the server. As jak has said, if connection to port 8192 is successful you should find the IOR in the logs. It is possible that the endpoints can fetch the IOR but the IOR contains the server's local IP instead of the public one.
    What changes did you make to mrinit.conf when you edited it and where did you put it? Is the mrinit.conf on the endpoints the one you've edited or the one you see in the CIDs?

    Christian
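
To check the case Christian describes (the IOR is fetched on port 8192 but advertises an address that only works inside the LAN), the following added example, which is not from the thread or from Sophos, decodes an IOR string copied from an endpoint log and flags internal addresses. It assumes the standard CORBA stringified form ("IOR:" followed by hex-encoded CDR) and reads only the primary host and port of each IIOP profile; `SAMPLE_IOR` is constructed for illustration.

```python
import ipaddress
import struct

# Constructed sample: one IIOP 1.0 profile advertising 192.168.1.10:8194
SAMPLE_IOR = ("IOR:010000000c00000049444c3a4f626a3a312e3000010000000000000020000000"
              "010100000d0000003139322e3136382e312e3130000002200400000001020304")

class Cdr:
    """Minimal CDR reader; alignment is relative to the encapsulation start."""
    def __init__(self, data):
        self.data, self.pos = data, 1
        self.end = "<" if data[0] else ">"    # first octet is the byte-order flag

    def num(self, fmt, size):
        self.pos += -self.pos % size          # pad to the type's natural alignment
        (val,) = struct.unpack_from(self.end + fmt, self.data, self.pos)
        self.pos += size
        return val

    def octets(self):
        n = self.num("I", 4)                  # length-prefixed string or octet sequence
        if self.pos + n > len(self.data):
            raise ValueError("truncated IOR")
        self.pos += n
        return self.data[self.pos - n:self.pos]

def ior_endpoints(ior):
    """Return [(host, port)] for every IIOP profile in a stringified IOR."""
    ior = ior.strip()
    if not ior.upper().startswith("IOR:"):
        raise ValueError("not a stringified IOR")
    body = Cdr(bytes.fromhex(ior[4:]))
    body.octets()                             # type_id, not needed here
    found = []
    for _ in range(body.num("I", 4)):         # sequence of tagged profiles
        tag, profile = body.num("I", 4), body.octets()
        if tag == 0:                          # TAG_INTERNET_IOP
            p = Cdr(profile)
            p.pos += 2                        # skip IIOP version (major, minor)
            host = p.octets().rstrip(b"\0").decode("ascii")
            found.append((host, p.num("H", 2)))
    return found

def is_internal(host):
    """True for addresses a remote endpoint cannot use: non-global IPs, .local or short names."""
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:                        # a name, not an IP literal
        return host.lower().endswith(".local") or "." not in host
```

If every decoded host is internal, the endpoint can complete the port 8192 step and still never reach the server on 8194 from outside.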
