I am using Sophos UTM 9 (Ver. 9.707).
The following message is output to "/var/log/reverseproxy.log".
virus daemon connection problem found in request xxxxxxxx
I would like to know the following:
・Meaning
・Impact
・Cause
・Solution
I am using Sophos UTM 9 (Ver. 9.707).
The following message is output to "/var/log/reverseproxy.log".
virus daemon connection problem found in request xxxxxxxx
I would like to know the following:
・Meaning
・Impact
・Cause
・Solution
Hi 飯塚 英樹 ,
Thank you for reaching out to the community, can you change the anti-virus engine and check if the error still persists?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Thank you.
If there is no impact, we cannot update the antivirus engine.
So first, please let us know what the message means and what the impact is.
I was stating we offer two Anit-virus engine if you can change between the Avira & Sophos can check the results are the same ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Sorry.
The product we use is "Sophos Cloud UTM 9 (Auto Scaling PAYG)".
Can we switch between Avira and Sophos?
However, even if we could switch, we would not be able to switch if the message does not affect the operation of the antivirus.
The Meaning - virus daemon connection problem:
DAEMON is not a virus in and of itself. "Daemon" is a term used in computing to refer to a background process that runs on a computer system, often without direct user interaction. Daemons are typically used to handle system tasks or provide services to other programs or users.
In regards to the impact what is your observation , are user facing any issue ?
Cause could be anything, additionally you can refer the old thread - NEED HELP - "[19869] virus daemon error found in request" after License Update!
You can try tweaking the existing settings or change the engine or reboot to see if that helps...
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Also, this message is not always output, but is output occasionally.
It is output together with the following message:
Connection refused: [client xx.xx.xx.xxx:xxxx] cannot connect to cssd
check if there is no port blocking here, use telnet to connect to the ip/port to test connectivity.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Thank you.
I understand that if it's not constantly being logged then there's no need to worry about it.
Please let me know for reference.
How can I check that the UTM is working properly? For example, by checking XXX on the console, etc.
Under the cd /var/log
you can check the system.log, fallback.log, kernel.log and reverseproxy.log for any suspicious log activity...
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Thank you.
We will check the log for any abnormal messages,
and if there are none, we will assume that the UTM is normal.
Sure...
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Sure...
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Log a Support Case | Sophos Service Guide
Best Practices – Support Case
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.