How to fix a misconfiguration that set the DLP agents to communicate on port 8100.
Last Updated March 09, 2018
A misconfiguration was sent down to all DLP agents to connect to the Endpoint server on port 8100. Port 8100 by default is what the Endpoint server uses to communicate with the Enforce server. This causes a major conflict in that the Endpoint server cannot communicate with the DLP agents because the server is still listening for clients on port 10443 and the agents want to communicate on 8100. Sending down a change configuration from Enforce for the Endpoint server to switch from 10443 to 8100 will cause the error "failed to bind address 0.0.0.0:8100".
A change server task went down to agents and set them to communicate on port 8100.
There are two main methods to fix this issue. The first is to use a script to make changes on the affected agents. The second is to temporarily change the communication ports to allow the clients to communicate to the Endpoint server on port 8100 then change them back over to port 10443.
Method 1: Fixing the Agent communication port with a script To use the update_configuration.exe go to KB TECH249545 and follow the steps under the section "Method 2: Changing the endpoint server through script". Using this KB you can configure the Endpoint server and the communication port for the DLP Agent. This is the best method to use if there are a small number of agents affected or to clean up single agents after a large scale configuration change.
Method 2: Temporarily modify the communication ports of the Endpoint Server Follow these steps to change the ports for the Endpoint <-> Enforce communication as well as the Endpoint <-> DLP Agent.
Go to System > Servers and Detectors > Overview
Click on the Endpoint server
Click on the configure button
Set the port to 8200
Access the file system on the Endpoint server and browse to \SymantecDLP\Protect\config. Modify the Communication.properties file
Change listenPort = 8100 to listenPort = 8200
Save the changes
Reset the Vontu Update and Vontu Monitor services
Open the Enforce Console and go to System > server and Detectors > Overview
Click on the Endpoint server Within a couple minutes the Endpoint server should show up as connected and using port 8200
Set the port under Agent Listener to 8100. Note: Leave the bind address to 0.0.0.0
Click on the recycle button on the status line
DLP Agents should now start connecting to the Endpoint Server
Go to KB TECH249545 and follow the steps in "Method 1: Changing the Endpoint Server through the console" to set the DLP agents to connect to the endpoint server on port 10443.
Note that after performing the Change Server task in step 16 that the DLP Agents may not report the change as a success even when they do successfully change. The agent reporting correctly will depend on how soon the following steps are performed. At this point determine how long you would like to leave the server in this state. If you are confident all or most of the DLP agents received the change then continue on. You may need to leave the server on this port for some time in order for the clients to connect and then get the configuration change. This period will largely depend on environmental factors like online vs offline agents, polling interval of clients, and agent connection retry settings.
Repeat Steps 10 - 14 and set the DLP Agent Listener port to 10443
Repeat Steps 1 - 9 and set the port to 8100
If there are any agents that did not get the server change configuration (step 16) with the new port then it is best to use method 1 and fix them with a script.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.