• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8448
  • Last Modified:

Kaspersky Administration Kit 8.0 can't connect to client

I am able to see the workstation on the network.  Push the network agent and the antivirus application.  However the license and updates did not push with the application.  After that, when I added the workstation to the "client computer" it won't connect with the administration console.  When I try to push the application to the local server all settings and updates is correct.  Any ideas?
  • 3
  • 2
1 Solution
Hi, had similar issue - here's an extract from Kaspersky's documentation:

Possible signs of a connection loss between Network Agent and Administration Server:

- policies do not apply to client computers;

- manual synchronization with a client computer fails;

- pale computer icon(s) in the Administration Console;

- the field Connecting to Server does not contain the current date and time (plus/minus 15-30 minutes) (for a running workstation, of course).

Use the utility klnagchk.exe to find out why a connection fails. This utility has been developed to analyze connections between Network Agent and Administration Server.

The utility should be run on problematic computers from the Network Agent setup directory (C:\Program Files\Kaspersky Lab\NetworkAgent 8) under a local administrator account. It is recommended to output its results into a log file.

A connection may fail due to one of the following reasons:

There is no Network Agent installed on the client computer.

Incorrect Administration Server address or port specified during local installation of Network Agent on the client computer.

Kaspersky Network Agent service is not running on the client computer.

Kaspersky Administration Server service is not running on the Administration Server.

There are several workstations under the same name in the network and a wrong workstation has been dragged into the group (by mistake). Use the Search command in the Server context menu. Select Find client computers and try to find computers with the same name – enter the PC name with *. For example, COMPUTER*.

This client computer is already connected to another Administration Server within the same Windows network.

Client computer is currently switched off.

The Administration Server computer is inaccessible from the client computer.

Use ping command on the client computer to verify it.

TCP 13000 and/or 14000 aports re blocked on the Administration Server computer.
You can check if the ports are open using one of the following utilities:

Run it on the computer <Administration_Server_name>, to make sure the Administration Server really opens the port 13000/14000 (Administration Server process is named klserver).

netstat, if the fport utility failed to display the list of open ports (e.g. it does not support Microsoft Windows 2003 Server):
netstat -a

telnet (to be run on the problematic computer)
telnet <Administration_Server_name> 13000


telnet <Administration_Server_name> 14000

If the telnet command displays an error message it means the ports are closed (due to firewall protection, etc).

UDP 15000 port is blocked on the client computer.
Incorrect Administration Server name or IP address on the client computer: i.e. Server name and IP address mismatch.

Open Network Agnet policy on the tab Network and configure connection to the Admninistration Server and Connection profiles (if any).
autocribAuthor Commented:
Wow its that quirky?  Is ESET more straightforward?  I figured if I got the initial push and install to go through, then the majority of the networking issues would have been ok.  How is their tech support if we decide to purchase now?  Thanks
Tech support is OK, no real complaints.  Got it for the first year, haven't had to use it though.  Haven't had too many problems with Kaspersky, other than one or two small install issues, so are pretty satisfied with it overall - a far cry better than Symantec, which was used in the past.  

Looked at ESET's antivirus offerings, the most attractive thing about them was that they are somewhat lighter on system resources than Kaspersky, otherwise performance is about the same in terms of security provided.  Chose Kaspersky simply because got a better deal on price (quite a few workstations, so cost was a deciding factor), but don't regret the decision.
autocribAuthor Commented:
Is there a quick way I can generate a installation file with all the administration and update information preconfiigured as I did with the SEPM?  Also is there a xml file replacement type of thing to get the standalone installs to connect and report to the admin server, also like in Symantec Endpoint Manager?  Thanks
The interface is easier (in my opinion) than Symantec's, since there is no real reason to generate login scripts for installation.  This is, however, possible under the Tasks for Specific Computers->Create->Task wizard->Login Script, but only really needed if you have systems using old versions of Windows, like 98.  Just follow the steps in the wizard, easy enough.

However, it's best to use the Push Install Wizard.  Starts the same way, but select push install as the option.  Push install configuration took all of five minutes using the wizard and worked fine first time.

For standalones, there is also a wizard for creation of  a standalone installation pack, go through Repositories->Installation Packages.  The packs can include the network agent, which allows connection to the admin server.  It's selectable on the wizard.  SEM was a lot more labour intensive to manage and resource intensive to use - Kaspersky is pretty much all wizard based.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now