This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.213-4 - Sophos LiveConnect for EndPoint - no computers are showing online

I am using UTM 9.213-4 on an SG210 and have deployed the Sophos EndPoint Protection client on my devices - however, about 12 days ago, the clients stopped showing as "online" in the UTM WebAdmin control panel. If I open the live log, I can see that it appears that my UTM is failing to connect with Sophos:

2016:01:05-11:13:01 sophos epsecd[5965]: |=========================================================================
2016:01:05-11:13:01 sophos epsecd[5965]: W main::_log:432() => severity="warn" sys="System" sub="eplog" name="Listing [https://689932ef-025c-305a-b799-fda65d57d723-wdx-025c.broker.sophos.com//689932ef-025c-305a-b799-fda65d57d723/] failed with return code 35: SSL connect error Unknown SSL protocol error in connection to 689932ef-025c-305a-b799-fda65d57d723-wdx-025c.broker.sophos.com:443
2016:01:05-11:13:01 sophos epsecd[5965]: "
2016:01:05-11:14:11 sophos epsecd[5965]: |=========================================================================
2016:01:05-11:14:11 sophos epsecd[5965]: W main::_log:432() => severity="warn" sys="System" sub="eplog" name="Listing [https://689932ef-025c-305a-b799-fda65d57d723-wdx-025c.broker.sophos.com//689932ef-025c-305a-b799-fda65d57d723/] failed with return code 28: Timeout was reached SSL connection timeout
2016:01:05-11:14:11 sophos epsecd[5965]: "
 
Does anyone have any ideas how to remedy this? I know there are two further 9.2 updates to install (but live connect has been working well up until 12 days ago), and I have not tried a reboot yet.
thanks for any inspiration!
 


This thread was automatically locked due to age.
Parents
  • Hi,

    i have still the same issues with utm version 9.4xxxx.

    My endpoints ar getting new policys like tamper protection password changes,... but my changes in the web control will be not published to the broker server. When i set warning for gaming sites in the webfilter policy for my endpoint, the utm warns me when my endpoint is behind the utm, but when my endpoint is not behind the utm i can surf without warnings on the gaming sites.

    In the endpoint log of my utm the following error appears:

    2016:05:01-22:32:11 utm epsecd[5964]: |=========================================================================

    2016:05:01-22:32:11 utm epsecd[5964]: W main::_log:435() => severity="warn" sys="System" sub="eplog" name="Listing [https://c636cd28-76a6-390e-bad1-bb85fe90686f-wdx-76a6.broker.sophos.com//c636cd28-76a6-390e-bad1-bb85fe90686f/] failed with return code 28: Timeout was reached Operation timed out after 10000 milliseconds with 0 bytes received
    2016:05:01-22:32:11 utm epsecd[5964]: "
    2016:05:01-22:32:33 utm epsecd[17544]: I id="4211" severity="info" sys="System" sub="epsecd" name="Received report(s) from Sophos LiveConnect"
    2016:05:01-22:32:33 utm epsecd[17544]: I id="4212" severity="info" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="-1,-1"
    2016:05:01-22:33:21 utm epsecd[5964]: |=========================================================================
    2016:05:01-22:33:21 utm epsecd[5964]: W main::_log:435() => severity="warn" sys="System" sub="eplog" name="Listing [https://c636cd28-76a6-390e-bad1-bb85fe90686f-wdx-76a6.broker.sophos.com//c636cd28-76a6-390e-bad1-bb85fe90686f/] failed with return code 28: Timeout was reached SSL connection timeout
    2016:05:01-22:33:21 utm epsecd[5964]: "
    2016:05:01-22:34:21 utm epsecd[17544]: I id="4211" severity="info" sys="System" sub="epsecd" name="Received report(s) from Sophos LiveConnect"
    2016:05:01-22:34:21 utm epsecd[17544]: I id="4212" severity="info" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="-1"
    I think sophos has an problem with the live connect broker servers in their cloud.

    Cheers Andreas

     

    UTM SCE/SCA | Endpoint SCE

Reply
  • Hi,

    i have still the same issues with utm version 9.4xxxx.

    My endpoints ar getting new policys like tamper protection password changes,... but my changes in the web control will be not published to the broker server. When i set warning for gaming sites in the webfilter policy for my endpoint, the utm warns me when my endpoint is behind the utm, but when my endpoint is not behind the utm i can surf without warnings on the gaming sites.

    In the endpoint log of my utm the following error appears:

    2016:05:01-22:32:11 utm epsecd[5964]: |=========================================================================

    2016:05:01-22:32:11 utm epsecd[5964]: W main::_log:435() => severity="warn" sys="System" sub="eplog" name="Listing [https://c636cd28-76a6-390e-bad1-bb85fe90686f-wdx-76a6.broker.sophos.com//c636cd28-76a6-390e-bad1-bb85fe90686f/] failed with return code 28: Timeout was reached Operation timed out after 10000 milliseconds with 0 bytes received
    2016:05:01-22:32:11 utm epsecd[5964]: "
    2016:05:01-22:32:33 utm epsecd[17544]: I id="4211" severity="info" sys="System" sub="epsecd" name="Received report(s) from Sophos LiveConnect"
    2016:05:01-22:32:33 utm epsecd[17544]: I id="4212" severity="info" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="-1,-1"
    2016:05:01-22:33:21 utm epsecd[5964]: |=========================================================================
    2016:05:01-22:33:21 utm epsecd[5964]: W main::_log:435() => severity="warn" sys="System" sub="eplog" name="Listing [https://c636cd28-76a6-390e-bad1-bb85fe90686f-wdx-76a6.broker.sophos.com//c636cd28-76a6-390e-bad1-bb85fe90686f/] failed with return code 28: Timeout was reached SSL connection timeout
    2016:05:01-22:33:21 utm epsecd[5964]: "
    2016:05:01-22:34:21 utm epsecd[17544]: I id="4211" severity="info" sys="System" sub="epsecd" name="Received report(s) from Sophos LiveConnect"
    2016:05:01-22:34:21 utm epsecd[17544]: I id="4212" severity="info" sys="System" sub="epsecd" name="Acknowledging report(s)" reports="-1"
    I think sophos has an problem with the live connect broker servers in their cloud.

    Cheers Andreas

     

    UTM SCE/SCA | Endpoint SCE

Children
No Data