ucstechinfo
asked on
Sophos Enterprise Deployment failing
Hey folks,
We have recently purchased Sophos Antivirus. I'm attempting to push out the clients to our domain. Working with tech support, they say that ports 8192, 8193, and 8194 need to be open. Ninety percent of our clients are imaged via Ghost. All machines (other than servers) are XP SP2 It seems that all clients setup via CD work fine. Same for servers. Our older computers (imaged by ghost) work fine as well. The bulk of machines are newer (also imaged via Ghost).
To be clear...
From any client (working or not) to the server: I can establish a telnet session on the 3 ports in question.
From the server to:
a. A working client: I can establish a telnet session on the 3 ports in question.
b. A non-working client (95% of our machines) I CANNOT establish a telnet session on the 3 ports in question.
From any client to a working client: I can establish a telnet session on the 3 ports in question.
The variable in this is the workstation. The server acts as constant. I do not believe the server is at issue. We do not have openmanage, firewall etc. If I manually install to the non-working machines, the progam installs and gets updates from the server just fine. It does not, however report in to the server, which is a great part of the value to me.
Each of the failed installs place a folder into the program files of the workstation. I'm installing as enterprise admin. Sophos is stumped....
We have recently purchased Sophos Antivirus. I'm attempting to push out the clients to our domain. Working with tech support, they say that ports 8192, 8193, and 8194 need to be open. Ninety percent of our clients are imaged via Ghost. All machines (other than servers) are XP SP2 It seems that all clients setup via CD work fine. Same for servers. Our older computers (imaged by ghost) work fine as well. The bulk of machines are newer (also imaged via Ghost).
To be clear...
From any client (working or not) to the server: I can establish a telnet session on the 3 ports in question.
From the server to:
a. A working client: I can establish a telnet session on the 3 ports in question.
b. A non-working client (95% of our machines) I CANNOT establish a telnet session on the 3 ports in question.
From any client to a working client: I can establish a telnet session on the 3 ports in question.
The variable in this is the workstation. The server acts as constant. I do not believe the server is at issue. We do not have openmanage, firewall etc. If I manually install to the non-working machines, the progam installs and gets updates from the server just fine. It does not, however report in to the server, which is a great part of the value to me.
Each of the failed installs place a folder into the program files of the workstation. I'm installing as enterprise admin. Sophos is stumped....
ASKER
To ensure that i understand your proposed solution...
Did you do this on the server or for each client?
Did you do this on the server or for each client?
ASKER
Ihad asked a clarifying question and rec'd no answer. I would like to close this question as the above info did not resolve my issue.
thanks
thanks
ASKER
I would like to present the solution for anyone else that comes against this issue. On the sever installation, go to \Program Files\Sophos\Remote Management System\Router\Envelopes. If the number of files in htere more than double the number of clients:
1. Stop the message routing service
2. Delete all files in C:\Program Files\Sophos\Remote Management System\Router\Envelopes
3. Restart the messaging service.
In my case I had around 50 working machines (thus should have had around 100 files). In fact there were over 181,000 files in this directory.
1. Stop the message routing service
2. Delete all files in C:\Program Files\Sophos\Remote Management System\Router\Envelopes
3. Restart the messaging service.
In my case I had around 50 working machines (thus should have had around 100 files). In fact there were over 181,000 files in this directory.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1. Start RegEdit and backup your registry.
2. Browse to HKEY_LOCAL_MACHINE\SYSTEM\
Services\SophosMessageRout
3. In the right-hand pane, double-click on 'ImagePath'.
4. In the Edit String dialog box, the 'Value data' field
displays the value:
... -ORBListenEndpoints iiop://:8193/ssl_port=8194
5. Change the ending part to:
... -ORBListenEndpoints iiop:///ssl_port=8194
6. Click 'OK' and close the Registry Editor.
7. Open the Services window, and restart the
Sophos Message Router service.
If it still does not work, then:
1. Start RegEdit and backup your registry.
2. Browse to HKEY_LOCAL_MACHINE\SYSTEM\
Services\SophosMessageRout
3. In the right-hand pane, double-click on 'ImagePath'.
4. In the Edit String dialog box, change the ending part to:
... -ORBListenEndpoints iiop://0.0.0.0:8193/ssl_po
5. Click 'OK' and close the Registry Editor.
6. Open the Services window, and restart the
Sophos Message Router service.