McAfee ePO Server failing to automatically pull updates

Posted on 2011-02-20
Medium Priority
Last Modified: 2013-12-09
Hi everyone,

We have a McAfee 4.5 server that we have rolled out in our company and for some reason, the server cannot pull the updates automatically.  I can manually pull them from the McAfee website (from the same server) and check them in manually and everything works fine.  But it fails to download automatically.  I doubt it matters, but the server is Windows 2008 Server R2.  Initially we thought it was a proxy server issue, but since we can download it directly to the server using IE, I don't think that's the issue.

The log file text can be seen below.  Any help would be appreciated:

20110220112616    I             #4804     SIM_InetMgr          Session 1 ended, result=1

20110220112616    I             #4804     SiteMgr MirrorThreadProc: Mirror thread ended

20110220112616    x            #4804     SiteMgr SiteMgr main control final release...

20110220113226    I             #4804     SiteMgrWrap         Created instance of Site Manager

20110220113226    I             #4804     SiteMgr SetEPOMode: SiteMgr enter ePO mode, server=SERVERNAME, port=8443, EPOUser=, Password=********

20110220113226    I             #4804     SiteMgr DALInit: Connected to DAL successful

20110220113226    I             #4804     SiteMgr SetEPOMode: Set ePO mode successful

20110220113226    I             #4804     SiteMgr MirrorThreadProc: Mirror thread started

20110220113226    I             #4804     MCUPLOAD          Connecting directly to server lc.mcafee.com.

20110220113226    I             #4804     MCUPLOAD          Successfully disabled CA trust options.

20110220113245    E            #4804     MCUPLOAD          Failed to send http request.  Error=12007 (12007)

20110220113245    E            #4804     MCUPLOAD          System error 12007 means unable to resolve target address for lc.mcafee.com, adjust machine DNS configuration as necessary to resolve this issue

20110220113245    E            #4804     SiteMgr Failed to send the http request.  hr=-2147467259

20110220113245    W           #4804     SiteMgr License check passed, but there was an error.  Error=, Code=-2

20110220113245    I             #4804     SrvEvtInf              Generating Event

20110220113245    I             #4804     SiteMgr No valid License key was found.  License check passed (beta or eval)

20110220113245    I             #4804     SIM_InetMgr          Starting download session for site McAfeeHttp

20110220113246    I             #4804     naInet    HTTP Session initialized

20110220113246    I             #4804     naInet    Connecting to HTTP Server using Microsoft WinInet

20110220113246    I             #4804     naInet    Trying to connect to Real Server update.nai.com using INTERNET_OPEN_TYPE_PRECONFIG

20110220113246    I             #4804     naInet    Connected to Server: update.nai.com on Port: 80 using WinInet

20110220113246    I             #4804     SIM_InetMgr          Started download session 1 for site McAfeeHttp

20110220113246    I             #4804     SiteMgr MirrorThreadProc: Downloading file catalog.z from McAfeeHttp

20110220113246    I             #4804     SIM_InetMgr          Downloading file catalog.z from session 1, LocalDir=C:\Windows\TEMP\nai3B5A.tmp\00000000, RemoteDir=

20110220113246    I             #4804     naInet    Open URL: http://update.nai.com:80/Products/CommonUpdater/catalog.z

20110220113246    I             #4804     naInet    Trying to download using Microsoft WinInet library

20110220113246    I             #4804     naInet    Connecting to Real Server update.nai.com using INTERNET_OPEN_TYPE_DIRECT

20110220113246    I             #4804     naInet    No resume download needed, calling InternetOpenUrl

20110220113246    I             #4804     NAINET               Resolving name update.nai.com to address

20110220113300    E            #4804     naInet    InternetOpenUrl failed on Server: update.nai.com:80, error msg:  

20110220113300    I             #4804     naInet    Failed to download the URL /Products/CommonUpdater/catalog.z using Wininet

20110220113300    I             #4804     naInet    Trying to download using windows socket library

20110220113300    I             #4804     naInet    Connecting to Real Server: update.nai.com on port: 80

20110220113319    E            #4804     naInet    failed to find host for HTTP server: update.nai.com:80, error 11001

20110220113319    I             #4804     SIM_InetMgr          Download file catalog.z failed in session 1, nainet ret=11001

20110220113319    e            #4804     SiteMgr MirrorThreadProc: Download file catalog.z from McAfeeHttp failed, hr=-2147467259

20110220113319    I             #4804     SrvEvtInf              Generating Event

20110220113319    I             #4804     naInet    HTTP Session closed
Question by:ExExMike
  • 2
  • 2
LVL 16

Accepted Solution

legalsrl earned 2000 total points
ID: 34941187

Well you can certainly see that ePO is trying to download from the right places....

Error Code 11001 is a DNS error - no such host is known

What DNS Settings have you got in the machine ?

Can you ping update.nai.com ? If so, what IP does it resolve to ?


Author Comment

ID: 34948158
Hi legalsrl,

Thank you for your response.  I can't Ping it or do a tracert (could not find host, unable to resolve target system name, respectively).  But I can open a browser, go to McAfee and download the file manually (I'm doing it right now - it's downloading from download.nai.com).

There are a # of Local Area connections on the server.  I didn't install them so I can't say specifically why.  There is the usual # of pseudo connections and then there are a number of seemingly legitimate connections.  My TCP/IP skills are probably not advanced enough, but I wonder if this will help...

It seems to be a multi-homed server.  IE is able to connect, so the NIC that it uses has functioning DNS settings.  One of the other NICs is configured to use a different DNS server.  I wonder if for some reason ePO is attempting to get the download thru that NIC?  I'm not sure why it would since, it's browser-based and if we open another tab, it can go straight to the McAfee website...

I realize this isn't very helpful.  If you have any ideas for where I might look, please feel free to let me know and I can look around some more.


Author Comment

ID: 34948362
Further update... The proxy server configuration was incorrect.  Once it was changed the downloads started working.  Thank you for your help
LVL 16

Expert Comment

ID: 34949384
Nice one Mike, glad you sorted it :-)

The common config errors I see are either Web Filtering or Web Proxy issues, so I'm not surprised :-)

LVL 38

Expert Comment

ID: 35292520
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
If you are like me and like multiple layers of protection, read on!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question