Sophos Enterprise Console issues

Hello Jeremiah Sakala,

if the server itself is also disconnected then its likely a communications error.
Guess you have checked that the Sophos services are running. Please see Update Manager stuck at Downloading Binaries for a potential cause and the solution.

Christian

I checked the services are running, but from task manager, the SophosUpdateMgr.exe is showing as not using the CPU, its just a constant "00". but i can also see that the Let me try the link and will update Manager folder in Program Files(x86)\Sophos is showing last modified with today's date.

Let me try the link and I will update

i started with the first suggestion which is "First check for me is if SUM can report status into the management server." and it didn't reflect the change( didn't report the status), but still went ahead and tried the suggestions in those posts but to no avail. So am still stuck.

Hello Jeremiah Sakala,

has your management server one or more than one address?
One the management server - did you telnet <address> 8192 (successively using the values/names from mrinit.conf for <address>), did this return an address in the IIOP in at least one of the cases and were you able to connect to port 8194 using this address? It's not clear what you mean by tried to no avail.

Christian   

Hello Christian,

Sorry couldn't respond in time, was held up.

My management Server has only 1 IP address. Telnet with port 8192 brings lots of numbers then it says "connection lost", with port 8193 no connection, only connects with port 8194.

Hello Jeremiah Sakala,

lots of numbers then it says "connection lost"
this is normal and correct, the lots of numbers are an IOR, you can parse its information for example at parc.com. You should find the server's IP on the reachable with line. No connection on 8193 is also correct, port 8194 connects and after some time disconnects.
So if the IP returned in the IOR is the correct one there's some other issue. Please stop the Sophos Message Router and Sophos Agent services, start them and check the Router and Agent logs (%ProgramData%\Sophos\Remote Management System\3\...) - post them here if necessary.

Christian

The only folder where i can find Remote Management System is from this path: "c:\Program Files(86)\Sophos\Remote Management System" and only contents are mrinit & cac.. where can i check the logs?

Hello Jeremiah Sakala,

there are under %ProgramData% (usually a hidden folder, if it's not in Explorer's list just type it in the address bar).

Christian

Hello Jeremiah Sakala,

thanks. You can drag the log into the editor window, or copy/paste text.

The Agent log doesn't show an anomaly as far as I can tell, communication with SUM and the Router is up.
The Router log tells that the server has 4 IPs, one 192.x.x.x and three 169.254.x.x - are the latter "intentional"? Could you attach the whole log here - if it's already too large then please restart the Router, wait about 2 minutes, restart again and take the 2-minute log. Looks like it's not talking to the Management Service.

Christian