Enforcers cannot connect to the SEPM (RU5) – capture may show HTTP 500 errors. Sometimes the Enforcer shows up as online on the SEPM side, but never on the “show status” Enforcer CLI.
The database may show errors regarding “Invalid Server List!”
DNS servers may not be properly resolving hostnames in the Management Server List.
Best practice when entering Policy Management servers on the Enforcer-side Management Server List is to either use FQDNs (servername.domain.com) or IP Addresses (x.x.x.x) to identify the SEPMs. Entering the hostname (servername) alone may cause problems if your DNS servers do not properly resolve them.
Version of LAN enforcer: 11.0.5002.6122 (6100 series) SEPM version: 11.0.5002.282 (RU5)
Steps to confirm:
Install RU5 on Enforcer and SEPM
Connect NEW Enforcer to SEPM
Copy the Default Management Server List
Delete ALL Hostnames from the copied Server List
Under NEW Enforcer Properties, set the Default Management Server List to the newly created (copied) Server List
Confirm that the NEW Enforcer shows Online
On NEW Enforcer
Show Status to confirm SEPM/ Enforcer shows Online
Test to confirm SEPM/Enforcer communication:
At NEW Enforcer group properties: Enable Advanced properties (Legacy Client, Local Authentication) by checking boxes
Confirm profile.xml on \SEP\data\outbox\enforcerid\ has been updated
Confirm Enforcerprofile.xml is updated under /opt/LanEnforcer/conf
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.