This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.213-4 - Sophos LiveConnect for EndPoint - no computers are showing online

I am using UTM 9.213-4 on an SG210 and have deployed the Sophos EndPoint Protection client on my devices - however, about 12 days ago, the clients stopped showing as "online" in the UTM WebAdmin control panel. If I open the live log, I can see that it appears that my UTM is failing to connect with Sophos:

2016:01:05-11:13:01 sophos epsecd[5965]: |=========================================================================
2016:01:05-11:13:01 sophos epsecd[5965]: W main::_log:432() => severity="warn" sys="System" sub="eplog" name="Listing [] failed with return code 35: SSL connect error Unknown SSL protocol error in connection to
2016:01:05-11:13:01 sophos epsecd[5965]: "
2016:01:05-11:14:11 sophos epsecd[5965]: |=========================================================================
2016:01:05-11:14:11 sophos epsecd[5965]: W main::_log:432() => severity="warn" sys="System" sub="eplog" name="Listing [] failed with return code 28: Timeout was reached SSL connection timeout
2016:01:05-11:14:11 sophos epsecd[5965]: "
Does anyone have any ideas how to remedy this? I know there are two further 9.2 updates to install (but live connect has been working well up until 12 days ago), and I have not tried a reboot yet.
thanks for any inspiration!

This thread was automatically locked due to age.
  • Hi both - you seem to be having the same issue as me. My EndPoints had been showing up as online (green) for many months until 15 days ago they all suddenly went grey in WebAdmin with the SSL errors listed in my original post. I had not made any changes to WebAdmin and had not updated the firmware recently. I rebooted my UTM as it had a long uptime but that does not seem to have had any effect - in fact, the errors are no longer appearing in the livelog, but the devices are still all grey.

    I know I am running an older firmware, and I was going to update to the most recent, but seeing your posts makes me think this is nothing to do with the version of firmware I am running.

    I have a support contract on this device (it is a live UTM at a client site) so i have involved Sophos support. So far, while being helpful, they have not managed to resolve the issue. Support have logged into the UTM and they then asked me the following questions. My responses are shown

    - Is standard HTTPS web browsing working >>> YES. I confirmed this from a machine on the network. HTTPS sites resolve and function fine.
    - Is there a proxy server between the clients and the internet >>> NO. Internet connection is a private fibre leased line which terminates on the provider's hardware. The SG210 then plugs directly into this hardware. There is no third party proxy in place as far as I know.
    - Does this proxy server scan HTTPS traffic >> > There is no proxy and the only HTTPS scanning that is done, is done by the SG210 itself. In WebAdmin, Under Web Protection > Web Filtering, the option "HTTPS (SSL) traffic: > URL filtering only" is enabled.
    - Can you bypass HTTPS scanning if their is a proxy to see if this resolves the issue >>> NO proxy is in place. I can try deactivating HTTPS URL filtering from WebAdmin if you think it is worth a try?
    - Is anything blocked on the firewall for these computers >>> NO.

    I have also posted the question to SpiceWorks as there are a number of knowledgable Sophos users there:

    I will keep you updated.
  • Hi. According to my reseller-support (ALSO) this problem is already known. Bug ID 36232.
  • Hi Alexander, yes, support have just told me the same thing and same bug ID. Thanks!
Reply Children
No Data