Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 4861 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows server devices not displaying in the Enterprise Console

Nick_SVRMC

I have an issue in my environment where windows server (2012r2 & 2016) devices are not reporting to the Enterprise Console.

The endpoint agent was manually installed with the EXE file and not deployed through the console. Some of the servers are reporting back just fine and showing that the endpoint agent is installed and running.

Other devices display in the console, but the do not show that the endpoint agent is installed at all. Even though the endpoint agent is installed and display in the system tray on the server.

I've verified that the servers having the problem are allowed to communicate with the endpoint server. I'm not sure what else could be causing this.

Any help or suggestions would be appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    Hello NicholasOrtiz,

    first of all, no lecturing intended, please let's stick to the terms used in the GUI and docs and avoid more or less commonly used but ambiguous or even misleading ones (like endpoint agent - while there is a Sophos Agent service in SESC it's usually not called endpoint agent, the term is used for components in other product though).

    There are two ways a computer/endpoint can "appear" in the console: A name and some attributes are imported from some source, the name is grey, the icon has no red or green overlay, it's unmanaged - or an endpoint's management component contacts the management server and registers with it. In the former case a computer with this name might or might not exist.

    If the Endpoint software is installed but the computer doesn't show or is not yet managed then the endpoint can't communicate with the server. The Sophos Message Router service (RouterNT.exe) needs at least to be able to connect to ports 8192 and 8194 on the server. Failures are logged in the Router logs (%ProgramData%\Sophos\Remote Management System\3\Router\Logs\). If you restart the service it should start a new log, somewhere in the first few dozen lines there should be the error details.

    Christian 

Reply
  • 0

    Hello NicholasOrtiz,

    first of all, no lecturing intended, please let's stick to the terms used in the GUI and docs and avoid more or less commonly used but ambiguous or even misleading ones (like endpoint agent - while there is a Sophos Agent service in SESC it's usually not called endpoint agent, the term is used for components in other product though).

    There are two ways a computer/endpoint can "appear" in the console: A name and some attributes are imported from some source, the name is grey, the icon has no red or green overlay, it's unmanaged - or an endpoint's management component contacts the management server and registers with it. In the former case a computer with this name might or might not exist.

    If the Endpoint software is installed but the computer doesn't show or is not yet managed then the endpoint can't communicate with the server. The Sophos Message Router service (RouterNT.exe) needs at least to be able to connect to ports 8192 and 8194 on the server. Failures are logged in the Router logs (%ProgramData%\Sophos\Remote Management System\3\Router\Logs\). If you restart the service it should start a new log, somewhere in the first few dozen lines there should be the error details.

    Christian 

Children
No Data
Unfiltered HTML