SEC server migration from W2008 to W2016 has stopped SUM communicating with Sophos.

Hi,

I have been tasked with removing old OS platforms from our internal environment and have built a Win2016 server (02) to migrate our existing (and sole) SEC management server role (01) across to. I followed the server to server migration guide (install database component, migrate database and CA, repoint all endpoints, etc.); however, the one intractable problem I appear to have is that the new SEC server is not getting any updates from Sophos. The ubiquitous 80040401|0402|0406 errors are in the Update Manager log details on every update attempt.

I rechecked the subscription credentials (no authentication failure evident?) and I deleted the contents of the Working\ and Update Manager\Warehouse\ folders but both remain completely empty when I invoke subsequent Update requests. 

I checked with my firewall admin colleagues and there are connection requests going out to Sophos servers (two IP addresses 99.84.224.44, 23.32.52.109) on port 443 but there don't appear to be responses/files coming back from Sophos.

I did see the version of SUM initially went from 1.6.x.. to 1.7.1.19, so some communication must have been successful?

Is it possible that the Sophos server end is refusing to authenticate my new server (same internal subnet but different host IP to the previous - formerly working - parent SUM host) even though the subscription login credentials are valid? The Recommended subscription is unchanged, also updating policies.

I assume by following all the migration guide steps that all the config of the previous host was moved and activated intact on the new host?

Thanks,

Cameron



This thread was automatically locked due to age.
  • Hello Cameron,

    SUM initially went from 1.6.x.. to 1.7.1.19, so some communication must have been successful?
    Correct. This suggests that a) the connection could be established and b) the credentials have been accepted. As far as communication with the backend (Sophos) is concerned it should work.

    I see: Last successful download - Never and Could not read from the update source location. The LogViewer says: Cannot create stream - haven't seen posts regarding this error lately (a knowledgebase article suggests credentials or firewall issues as cause but I think these can be ruled out as SUM has updated). Could you post a relevant part of the SUMTrace log? If there is some useful information it's in the lines around the first occurrence in an update cycle of Cannot create stream.

    There are some posts that "blame" permissions on the \Warehouse\ folder, please see here.  

    Christian

  • Thank you,

    I will get onto the SUMtrace.log and also the permissions check for warehouse\ upon my return.

    I also recall seeing a couple of .lock files somewhere in that general area, which were not disappearing..

    regards

    Cameron.
