Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
We'd love to hear about it! Click here to go to the product suggestion community
I'm trying to setup a SEC with a Relay Server.
The Relay Server is accessible throught a domain name.
The problem is, when I install an Endpoint (MRinit.conf pointing at the domain name), the Endpoint doesn't show up in the console.
At some point, and I don't really know why, it showed up, but is now unavailable.
Can't someone please help me setting this up ?
I think I have troubles understanding the proper configuration to make this works.
Thanks for your help.
The relay server is also the public SUM.
And the updates are working, so I suppose it's only the relay that is not working.
Hello Paul Paul Rivenet,
you did follow the Deploying article, didn't you? Please check the Network Communications Report on both the Relay and the endpoint.
In reply to Paul Rivenet:
Hello Paul Rivenet
Please see if the information here also helps, in addition to QC 's post.
In reply to DianneY:
Thanks for you answers.
Yes I did followed the documentations you linked.
I don't have the registry keys (https://community.sophos.com/kb/en-us/117412)
I tried to reinstall the Endpoint, but didn't work, still no registry key, nor "up" in SEC
Here's what I'm trying to do :
Hello Paul Rivenet,
so what are the Parent addresses in the Network Communications Report of the endpoint (an FQDN that resolves to the relay's public or NATted IP, if I understand correctly) and the relay (if you sanitize them please use unambiguous placeholders)? Guess the Actual parent address is blank for the endpoint and on the relay SEC's name or IP?
Does the relay return the FQDN in the IOR string or perhaps its internal IP?
In reply to QC:
The ReportData.xml for the endpoint show this :
The ReportData.xml for the Relay :
<string msg='not available' /></actual_parent><router_type>endpoint</router_type>
On the Relay, the IOR is the FQDN
the endpoint could contact the relay but the relay thinks it's an endpoint (which would not prevent it from forwarding messages though) and - that's the issue - it could not contact SEC.