Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 11272 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with enabling Endpoint Protection .

DanielKaszper

Hello all. Since few days I'm testing Sophos UTM 9 Home , and I have a problem with only one thing . Activation Endpoint Protection cannot be activated , Antivirus as well due to licence .

When I'm  trying to activate Endpoint protection  I see Do you want to wait 30 more seconds to finish the request? and No response from Sophos LiveConnect.. in Antivirus  section I see Antivirus is currently off. This reflects the settings for the subscription you are currently using..

info from dashboard

Model:        ASG Software
License ID:       (deleted)
Subscriptions:        Base Functionality
Email Protection
Network Protection
Web Protection
Webserver Protection
Wireless Protection
Endpoint AntiVirus
Uptime:        0d 3h 2m

It is a problem with licence or connection. Utm  is updated , and behind ADSL modem in bridge mode .

Thanks in advance for help.

D.Kaszper



This thread was automatically locked due to age.
  • 0

    1) What do you see in the logs?

    2) Is there another firewall in front of the UTM that may be blocking the connection?

    3) What does it show under Endpoint AntiVirus at Management > Licensing > Overview (expired or disabled)?

    4)  At Web Protection > Filtering Options > Exceptions, do you have exceptions for Sophos LiveConnect and Sophos Services and are they enabled?

    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0 in reply to Scott_Klassen
    1) What do you see in the logs?

    Endpoint protection log is clean (totally clean no entries in it) Endpoint Web protection as well . And it is normal because Endpoint protection is disabled. When I trying to switch on, I have to activate it first, but activation process in not successful as you know .

    2) Is there another firewall in front of the UTM that may be blocking the connection?
    No It is first device after ADSL modem in bridge mode.

    3) What does it show under Endpoint AntiVirus at Management > Licensing > Overview (expired or disabled)?

    Endpoint AntiVirus

    Status: enabled
    Exp. Date: 27 November 2018
    Max. Users: 12 ( 10 licensed Users + 2 free Users )
    Description: This subscription enables Endpoint Protection incl. Antivirus, HIPS and Device Control.

    4) At Web Protection > Filtering Options > Exceptions, do you have exceptions for Sophos LiveConnect and Sophos Services and are they enabled?

    Enabled all default rules, for services and for Live Connect enabled as well



    my UTM ver is Release 9.352-6

    Device restarted many times. Maybe I can check connections to those services from my PC by ping or something? If there is no access to servers from UTM my Pc should be disconnected too.

    Any ideas?

    Thx
  • 0
    Ok. How about these:

    Anything relevant in the Web Filtering log in the UTM?
    Do you have a MASQ rule setup at Network Protection > NAT > Masquerading? This is necessary for NAT.
    Do you have a typical home use firewall rule in place to allow outbound traffic (Internal (Network)---Any---Internet IPv4)?
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0 in reply to Scott_Klassen
    Problem solved by reinstalling Sophos UTM without restoring config from previous installation. My first UTM was in version 9.214-1.1 and I had problem with Up2Date . System showed me information that updates are available , but for some reasons system was not able to find them when I tried to start update. So I created backup , then installed newest version 9.351-3.1. Restored backup and now I was able to do update , but Endpoint Protection was unable to connect and activate licence.
    My suspicions:
    In backup was something from 9.2 what was causing all problems. I decided that reinstallation will be much quicker than discovering problem .
    In newly installed UTM I used the same default settings as in 9.2. (not restored via backup) and it works like it should.

    Thanks very much for your help Scott , I know that my solution is not perfect but it will let save our time in this situation.
  • 0

    Exact the same problem here. System: Fresh installed Sophos UTM 9.351-3
    The problem occurs browser independent.

    Disabling Web Proxy, IPS, Application Controll doesn't help at all.
    Firewall reboot neither

    Endpoint protection LiveLog is emtpy


    Configuration daemon LiveLog says:

    fw confd[7304]: W Message::err_set:1100() => id="3100" severity="warn" sys="System" sub="confd" name="EPP_BROKER_RESPONSE_NONE (No response from Sophos LiveConnect.)" user="admin" srcip="192.168.x.x" facility="webadmin" client="webadmin.plx" call="epp_register_asg"

Unfiltered HTML