Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 6601 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows Workgroup server is not showing up in SEC

David Lewis1

Hi,

 

 We've installed Sophos Endpoint on a workgroup server, and it is not showing up in SEC as a system (Unassigned or otherwise).

All the Sophos components were installed, and it is updating successfully.

The server name is 'RD00155D300207'

How should we proceed?

Thanks,

David



This thread was automatically locked due to age.
Parents
  • 0

    At the missing server, can you restart the Sophos Message Router service, wait 2 minutes and then post here the latest log that has been created under:

    \programdata\sophos\Remote Management System\3\router\logs\

    Regards,

    Jak

  • 0 in reply to jak

    Hi Jak,

      Thanks, by looking at the logs it became clear that both ports 8192 & 8194 are required for connecting with SEC.

    Plus, there appears to be a dependency on the SEC host name ('a2adm2') even though we designated the update path to be its IP (10.6.1.12).

    Is there someway we can remove dependency on the hostname altogether?

    David

  • 0 in reply to David Lewis1

    Hello David,

    updating (using SMB/UNC or HTTP) and communication (RMS, using 8192 and 8194) are independent components. An endpoint can update from whatever location (including Sophos) and also doesn't need to communicate directly with the management server - it could send its messages through a relay. Thus the updating policy and RMS specify the target address individually.

    For details on RMS please see configuring message relay computers and Using Sophos message relays in a public WAN. While they refer to relays they also describe the basic concepts and give examples on the configuration.
    dependency on the SEC host name
    by default the mrinit.conf contains IPv4,[IPv6,]FQDN,NetBIOS and RMS tries the IP first. AFAIK there's no IP if the management server doesn't have a static IP - but in this case it's expected that the endpoints can resolve the name.

    Christian 

Reply
  • 0 in reply to David Lewis1

    Hello David,

    updating (using SMB/UNC or HTTP) and communication (RMS, using 8192 and 8194) are independent components. An endpoint can update from whatever location (including Sophos) and also doesn't need to communicate directly with the management server - it could send its messages through a relay. Thus the updating policy and RMS specify the target address individually.

    For details on RMS please see configuring message relay computers and Using Sophos message relays in a public WAN. While they refer to relays they also describe the basic concepts and give examples on the configuration.
    dependency on the SEC host name
    by default the mrinit.conf contains IPv4,[IPv6,]FQDN,NetBIOS and RMS tries the IP first. AFAIK there's no IP if the management server doesn't have a static IP - but in this case it's expected that the endpoints can resolve the name.

    Christian 

Children
No Data
Unfiltered HTML