hi there
we have an azure subscription and im trying to get AV running on all of them. We have 4 different "zones" all with port ACLs defined using NSGs.
3 out of the 5 are working. ive added TCP ports 8192 and 8194 to the NSG and added the same port rules on the windows firewall on each member server
all of the servers that arent working are not listening on either port 8192 and 8194
ive checked the routerNT logs and each has the same error
unable to get certificate
followed some sophos threads about the problem. increased the logging verbosity, changed the MTU size etc but still not working.
does anyone have any suggestions?
i can connect successfully using telnet from client back to the enterprise management server.
non verbose error in router log
07.12.2017 16:09:44 0E6C E Router::GetCertificate: Caught CORBA system exception, ID 'IDL:omg.org/CORBA/TRANSIENT:1.0'
OMG minor code (2), described as '*unknown description*', completed = NO
verbose error router log
07.12.2017 16:21:31 0998 I SOF: C:\ProgramData/Sophos/Remote Management System/3/Router/Logs/Router-20171207-162131.log
07.12.2017 16:21:31 0998 I Sophos Messaging Router 3.4.1.3411 starting...
07.12.2017 16:21:31 0998 I Setting ACE_FD_SETSIZE to 138
07.12.2017 16:21:31 0998 I Initializing CORBA...
07.12.2017 16:21:31 0998 D New context options = 1000000
07.12.2017 16:21:31 0998 T IPAddressSet::InitialiseWithHost() called
07.12.2017 16:21:31 0998 T Added host network address:127.0.0.1:0
07.12.2017 16:21:31 0998 T Added host network address::0
07.12.2017 16:21:31 0998 T IPAddressSet::InitialiseWithHost() returns
07.12.2017 16:21:31 0998 D Creating ORB...
07.12.2017 16:21:31 0998 D ACE_DLL_Handle::open: calling dlopen on "TAO_SSLIOP"
07.12.2017 16:21:31 0998 D ACE_DLL_Handle::open: Trying to open DLL TAO_SSLIOP with TAO_SSLIOP name
07.12.2017 16:21:31 0998 D ACE_DLL_Handle::open: loading TAO_SSLIOP (1385299968)
07.12.2017 16:21:31 0998 D ACE_DLL_Handle::open: loading TAO_SSLIOP (1385299968)
07.12.2017 16:21:31 0998 D opening dynamic service SSLIOP_Factory
07.12.2017 16:21:31 0998 D destroying SSLIOP_Factory, flags = 3
07.12.2017 16:21:31 0998 D did dynamic on SSLIOP_Factory, error = 0
07.12.2017 16:21:31 0998 D opening static service Resource_Factory
07.12.2017 16:21:31 0998 D did static on Resource_Factory, error = 0
07.12.2017 16:21:31 0998 D opening static service UTF16_BOM_Factory
07.12.2017 16:21:31 0998 D did static on UTF16_BOM_Factory, error = 0
07.12.2017 16:21:31 0998 I C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Setting connection cache limit to 10
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) Loaded protocol <SSLIOP_Factory>
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) created new ORB <>
07.12.2017 16:21:31 0998 I C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Creating ORB runner with 4 threads
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Init Any2XML...
07.12.2017 16:21:31 0C84 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|RunORB thread started
07.12.2017 16:21:31 0998 I C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Getting parent router IOR from :8192
07.12.2017 16:21:31 03F8 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|RunORB thread started
07.12.2017 16:21:31 14A4 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|RunORB thread started
07.12.2017 16:21:31 0C84 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|3204) - ORB_Core::run, start [run]
07.12.2017 16:21:31 0DCC D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|RunORB thread started
07.12.2017 16:21:31 03F8 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|1016) - ORB_Core::run, start [run]
07.12.2017 16:21:31 14A4 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|5284) - ORB_Core::run, start [run]
07.12.2017 16:21:31 0C84 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|3204) - ORB_Core::run, calling handle_events()
07.12.2017 16:21:31 0DCC D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|3532) - ORB_Core::run, start [run]
07.12.2017 16:21:31 03F8 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|1016) - ORB_Core::run, calling handle_events()
07.12.2017 16:21:31 14A4 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|5284) - ORB_Core::run, calling handle_events()
07.12.2017 16:21:31 0DCC D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|3532) - ORB_Core::run, calling handle_events()
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|DNS : problem 0, changed 1, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Certification : problem 0, changed 1, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Incoming : problem 0, changed 1, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Outgoing : problem 0, changed 1, already reported 0
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|class StatusReporting::DNSSection changed
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::WriteReport
07.12.2017 16:21:31 0998 I C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|This computer is part of the domain CMA
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::DNSSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::DNSSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::CertificationSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::CertificationSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::IncomingSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::IncomingSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::OutgoingSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::OutgoingSection::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::WriteAsXML
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::WriteReport
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::SetActualParent
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Actual parent is ``
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::SetActualParent
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|DNS : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Certification : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Incoming : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Outgoing : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|>>> StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|DNS : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Certification : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Incoming : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Outgoing : problem 0, changed 0, already reported 0
07.12.2017 16:21:31 0998 T C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|<<< StatusReporting::StatusReporter::Done
07.12.2017 16:21:31 0998 I C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Getting a new router certificate...
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Getting the parent message router object using IOR
IOR:010000002600000049444c3a536f70686f734d6573736167696e672f4d657373616765526f757465723a312e300000000100000000000000a4000000010102000c00000031302e31372e302e31313900012000004100000014010f004e5550000000210000000001000000526f6f74504f4100526f7574657250657273697374656e740003000000010000004d657373616765526f7574657200000003000000000000000800000001005601004f4154010000001800000001005601010001000100000001000105090101000000000014000000080000000100a60086000220
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Getting the certification object...
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Connector::connect, looking for SSLIOP connection.
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) Initializing SSLIOP_Endpoint
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO_LF_Event::state_changed to 2. No follower.
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport_Cache_Manager::find_i, unable to locate a free connection
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - SSLIOP_Connector::ssliop_connect, making a new connection
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport_Cache_Manager::fill_set_i, current_size = 0, cache_maximum = 10
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO_LF_Event::state_changed to 6. No follower.
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - SSL connection to <:8194:8194> failed (errno: An existing connection was forcibly closed by the remote host. )
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport[10868800]::cleanup_queue_i, cleaning up complete queue
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Connector::connect, looking for SSLIOP connection.
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport_Cache_Manager::find_i, unable to locate a free connection
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - SSLIOP_Connector::ssliop_connect, making a new connection
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport_Cache_Manager::fill_set_i, current_size = 0, cache_maximum = 10
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO_LF_Event::state_changed to 2. No follower.
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO_LF_Event::state_changed to 6. No follower.
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - SSL connection to <:8194:8194> failed (errno: An existing connection was forcibly closed by the remote host. )
07.12.2017 16:21:31 0998 D C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|TAO (1972|2456) - Transport[10865000]::cleanup_queue_i, cleaning up complete queue
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Router::GetCertificate: Caught CORBA system exception, ID 'IDL:omg.org/CORBA/TRANSIENT:1.0'
OMG minor code (2), described as '*unknown description*', completed = NO
07.12.2017 16:21:31 0998 E C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe|Failed to get certificate, retrying in 600 seconds
ive removed the host names and ip addresses from the lines above.
please someone help this is driving me mad!
This thread was automatically locked due to age.