The Symantec Endpoint Protection client is not able to communicate with Symantec Endpoint Protection Manager. The Sylink log illustrates "Error Code = 12029."
Possible causes for this situation include the following:
- The SEPM service is not running.
- The machine hosting the SEPM does not allow inbound traffic via the expected port.
- A firewall or proxy server is blocking inbound traffic via the expected port to the machine hosting the SEPM.
- The SEP client is attempting to communicate via HTTPS while the SEPM or associated website is not correctly configured to allow HTTPS.
Note: The Communications Port for Symantec Endpoint Protection Manager by default is 8014; this communications port may have been customized during the installation of the Symantec Endpoint Protection Manager or at a later time.
When the Server on which Symantec Endpoint Protection Manager is un-available
Symantec Endpoint Protection Manager service on the Symantec Endpoint Protection Manager server is stopped/not running
Ensure that Symantec Endpoint Protection Manager Server is Running, the Symantec Endpoint Protection Manager Service is running and the Symantec Endpoint Protection Manager was not re-installed.
Symantec Endpoint Protection Manager was completely re-installed without restoring the Database backup or the Server Certificates
If the SEPM was completely re-installed without restoring the Database backup or the Server Certificates, we need to replace the sylink file on all the clients.
When Windows Firewall is not allowing the SEP client to connect on port 8014
Follow the steps below in order to allow the inbound traffic on port http 8014:
Open Windows Firewall Advance Settings from Administrative Tools
Under Inbound Rules, select Create New Rule
Create the rule for Ports & Protocol
Select TCP port 8014
Allow the traffic for only Domain as it is specific for Internal Network
Finish the wizard
Try to update the policy on the one of the client to test the end results
The client should show up in manager and will start communicating with the manager
A Proxy may not be allowing to connect to sepm server on port 8014
Bypass OR create Exclusion on the Proxy Server to allow traffic to the Symantec Endpoint Protection Manager on port 8014
Custom Management Server List is configured for HTTPS, although the website in IIS is not configured for SSL
SEP clients that have a management server list configured to use HTTPS communication, without having configured SSL for the website in IIS, will not communicate with the SEP Manager. Either configure an SSL certificate in the IIS website or change the communication setting from HTTPS to HTTP in the Management Server List.
Imported Document ID: TECH96483
Subscribing will provide email updates when this Article is updated. Login is required.