Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 6907 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update Manager cannot connect to Sophos

Silvester Man

I have installed Enterprise Console in a server without general Internet access.  I am trying to add subscriptions in Update Manager.

When I click Add, it says at least one update manager must be configured to update from Sophos and asked me to run the Download Security Software Wizard.  I clicked Yes, and it got stuck in "Waiting for Sophos Update Manager to register...".

I have already open port 80 access for below addresses and tested connection is successful.  Are there any other addresses I need to grant access?

dci.sophosupd.com
dci.sophosupd.net
d1.sophosupd.com
d1.sophosupd.net
d2.sophosupd.com
d2.sophosupd.net
d3.sophosupd.com
d3.sophosupd.net



This thread was automatically locked due to age.
Parents
  • 0

    Hello Silvester Man,

    without general Internet access [...] open port 80
    this is the current list from the recently tweeted Timeout while attempting to connect ... article, which also mentions the same steps as Waiting for Sophos Update Manager to register only with more detail. Is it just opening port 80 or is a proxy involved?
    Please check the Update Manager and Agent logs for errors (the former perhaps shows just a time-out).

    Christian

  • 0 in reply to QC

    I have tested all the sites listed in https://community.sophos.com/kb/en-us/111428, they all connected successfully.

    SUM log shows no issue.  Agent log shows below:

    18.02.2017 19:18:52 1EB4 I SDDMA: Connecting to SDDM...
    18.02.2017 19:18:52 1EB4 I SDDMA: An uninitialized socket was created.
    18.02.2017 19:18:53 1EB4 I SDDMA: Failed to connect to the SUM host: connection was refused
    18.02.2017 19:18:53 1EB4 I SDDMA: The socket 704 was shut down.
    18.02.2017 19:18:53 1EB4 I SDDMA: The socket 704 was closed.
    18.02.2017 19:18:53 1EB4 W SDDMA: failed to connect to SDDM: Failed to connect to the SUM host: connection was refused

    I have also noted in the firewall log that the server tried to access IPs that resolve to downloads.sophos.com.  I will try to get that opened as well.

  • 0 in reply to Silvester Man

    Hello Silvester Man,

    not sure about downloads.sophos.com but guess this isn't the problem.

    failed to connect to SDDM
    suggests (if I'm not wrong) that ManagementAgentNT.exe can't connect to SophosUpdateMgr.exe (normally on the loopback 127.0.0.1:51234 interface). 

    Christian

  • 0 in reply to QC

    We opened firewall access to downloads.sophos.com, and Download Security Software Wizard completed successfully.

    SUM configuration was not able to complete before that access was granted.  Perhaps that caused the SophosUpdateMgr.exe connection issue as seen in the agent log?

  • 0 in reply to Silvester Man

    Hello Silvester Man,

    the SophosUpdateMgr.exe connection issue
    could be.

    downloads.sophos.com
    I'm not aware that it uses, let alone requires, this address.     Incidentally from our site it resolves to the same address as dci.sophosupd.com. Please note that the addresses depend on your location (DNS service), you might get more than one for a name, and they might change. Too bad you didn't capture a packet trace ... [:)], could have confirmed or disproved the downloads theory.

    Christian

Reply
  • 0 in reply to Silvester Man

    Hello Silvester Man,

    the SophosUpdateMgr.exe connection issue
    could be.

    downloads.sophos.com
    I'm not aware that it uses, let alone requires, this address.     Incidentally from our site it resolves to the same address as dci.sophosupd.com. Please note that the addresses depend on your location (DNS service), you might get more than one for a name, and they might change. Too bad you didn't capture a packet trace ... [:)], could have confirmed or disproved the downloads theory.

    Christian

Children
No Data
Unfiltered HTML