Thank You! I seriously forgot Port 443 in the Firewall...
Hello,
I find it absurd that F-Secure Policy Manager's installation wizard still doesn't offer to configure the ports in Microsoft's built-in firewall (Windows Server) or iptables (Linux Server) and the customer has to fiddle manually with the various ports. But F-Secure products' focus is supposed to be ease of use!
Best Regards: Tamas Feher, Hungary.
Hi,
To test: Try telnet connection to PMS using 443 port.
Just remember: The version 12.10 uses HTTPS. So be sure the Windows where you installed the PMS have the ports released to 443, 80, 8080, 8081 (if you used the default ports) in the Windows firewall.
Best Regards,
Roberto Chu
> Then I disable on the Client the F-Secure Firewall and the Windwos Firewall but there is still no Connection to the Policy Manger.
The F-Secure firewall (Internet Shield) always includes a built-in exception for letting through the F-Secure Policy Manager traffic.
> Is there any difference between Signature and Policy download from the Server?
The AV-signature updates are internally digitally signed by F-Secure Corp.'s key, so they are accepted by clients, even if the Policy Manager Server key is broken. The policy settings are signed by the local Policy Manager Server and won't be accepted by clients if the admin./prv/.pub keypair cannot be matched.
So I`ve made a clean install on the W10 Client with F-Secure Client Securtiy 12.10 that was pushed from the Policy Manger. I choose a new Domain with a clean and empty Policy.
Then I disable on the Client the F-Secure Firewall and the Windwos Firewall but there is still no Connection to the Policy Manger. Error is again:
1 2016-07-06 11:06:43+02:00 EDV06 ***\email F-Secure Management Agent 1.3.6.1.4.1.2213.11.1.14 F-Secure Management Agent was not able to connect to the server and is now operating in Offline Mode. (error number 12002: Das Zeitlimit für den Vorgang wurde erreicht. )
But the strange is that it loads the virus definition from the same server without any errors. Is there any difference between Signature and Policy download from the Server?
Hello list,
1.3.6.1.4.1.2213.25.1.70.20 is F-Secure Internet Shield (Firewall) policy "Firewall Engine Enabled".
Could it be so, that you disabled not Windows Firewall but F-Secure Firewall?
Best regards,
Vad
If I turn off the Windwos Firewall there is a new Error Code in the log:
24 2016-07-04 14:24:06+02:00 EDV06 ****\email F-Secure Management Agent 1.3.6.1.4.1.2213.11.1.15 F-Secure Management Agent failed in an internal operation. Setting the policy variable 1.3.6.1.4.1.2213.25.1.70.20 (error=-506) was not successful. If the problem persists, please contact the system administrator.
What does it mean?
Maybe the built-in Microsoft firewall hasn't been turned off in Windows 10 for some reason and it is interfering with the new kind-of real time communications protocol between FSPM 12.10 and FSCS 12.10?
Yes, it´s repeat regularly on the W10 Client.
In the PM are 50 hosts and all works fine. (Win7+2012R2)
The W10 Client is a test and the only one who don´t communicate withe th PM.
Hello List,
Do you see this error repeating often in the logs?
How many machines are managed by this PM?