After move of PM, updates come from webserver

vis

Hello!

We move our PM to newer server, with great instructions (https://community.f-secure.com/t5/Business/Moving-Policy-Manager-Server-to/ta-p/68727)

Clients communicate with new PM server, but update server is fsbwserver.f-secure.com.

We cannot find anywhere from PM setting, that we could change address of update server to PM server.

 

Could somebody help us? 

 

BR,

VIS

vis

Now it looks like, that virus definitions wont update to new server. Should we do some changes to old PM server?

etomcat

Hello,

 

Possibly your gateway-level filtering (e.g. firewall/UTM) does not allow the new server (new IP) to communicate with F-Secure's update-serving cloud farm (I think it runs on Akamai's global infrastructure).

 

Best Regrads: Tamas Feher, Hungary.

MJ-perComp

I am not fully sure that you mean the new PMS does not update or that Clients do not get updates from the new PMS. Would you mind to provide some 20 last lines from the PMS's fsaua.log?

Please also check that port 80 is still available from the HOSTs
http://<PMS-IP>/B
make sure, the host you try that from has "no http-proxy" configured.

 

If that check fails disable the Firewall on the PMS completely, re-check.

 

Please create a FSDIAG before doing the next step and rename it!

 

If still fails you should try FSAUAReset to reinitialize AUA and AUS.

If still fails create a second FSDIAG and provide both to Support. Do not forget to link this thread.

vis

OK, I try to explain this.

 

When I look client settings (settings -> other settings -> automatic updates) in workstation, settings are:

 

Policy manager: http://192.168.168.206:80 which is correct. Old PMS uses port 81, so that could be issue?

Update server: fsbwserver.f-secure.com. Earlier setting in old PMS was: http://192.168.168.219:81 which is old server IP.

 

So now clients get updates straight from f-secure server, not from our PMS. Does that port has anything to do with this issue?

 

I dont think that firewall has anything to do with this. We have add expection to client firewall to accept all traffic to PMS both ways. And we dont have any proxy at all.

Problem in simplest is, that updates wont came through PMS, but straight from f-secure.com. This adds traffic which is not preferred.

 

Last lines from PMS fsaua.log (under: C:\ProgramData\F-Secure\Logs\FSAUA)

 5464]Thu Apr 06 08:28:22 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_04' : Success

[ 5464]Thu Apr 06 08:29:25 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_04' : Success

[ 5464]Thu Apr 06 08:57:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 5464]Thu Apr 06 08:57:12 2017(2): Update check completed successfully. No updates are available.

[ 5464]Thu Apr 06 09:27:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 6484]Thu Apr 06 09:27:23 2017(3): Database 'aquawin32' version '1491455666' db_size '369117530', free '266656940032'

[ 6484]Thu Apr 06 09:27:24 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_05' - 'aquawin32' version '1491455666' from fsbwserver.f-secure.com, 369117530 bytes (545249 bytes downloaded)

[ 9220]Thu Apr 06 09:27:31 2017(3): Database 'aqualnx32' version '1491455838' db_size '369184582', free '266298028032'

[ 9220]Thu Apr 06 09:27:33 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_05' - 'aqualnx32' version '1491455838' from fsbwserver.f-secure.com, 369184582 bytes (5630 bytes downloaded)

[ 5464]Thu Apr 06 09:27:34 2017(2): Update check completed successfully.

[ 5464]Thu Apr 06 09:28:19 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_05' : Success

[ 5464]Thu Apr 06 09:29:08 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_05' : Success

[ 5464]Thu Apr 06 09:57:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 5464]Thu Apr 06 09:57:12 2017(2): Update check completed successfully. No updates are available.

[ 5464]Thu Apr 06 10:27:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 8176]Thu Apr 06 10:27:18 2017(3): Database 'aquawin32' version '1491459251' db_size '369133742', free '266637713408'

[ 8176]Thu Apr 06 10:27:19 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_06' - 'aquawin32' version '1491459251' from fsbwserver.f-secure.com, 369133742 bytes (247966 bytes downloaded)

[ 8756]Thu Apr 06 10:27:26 2017(3): Database 'aqualnx32' version '1491459392' db_size '369200794', free '266301374464'

[ 8756]Thu Apr 06 10:27:28 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_06' - 'aqualnx32' version '1491459392' from fsbwserver.f-secure.com, 369200794 bytes (5456 bytes downloaded)

[ 5464]Thu Apr 06 10:27:28 2017(2): Update check completed successfully.

[ 5464]Thu Apr 06 10:28:15 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_06' : Success

[ 5464]Thu Apr 06 10:29:11 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_06' : Success

[ 5464]Thu Apr 06 10:57:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 5464]Thu Apr 06 10:57:12 2017(2): Update check completed successfully. No updates are available.

[ 5464]Thu Apr 06 11:27:12 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...

[ 444]Thu Apr 06 11:27:18 2017(3): Database 'aquawin32' version '1491462862' db_size '369111856', free '266663120896'

[ 444]Thu Apr 06 11:27:20 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_07' - 'aquawin32' version '1491462862' from fsbwserver.f-secure.com, 369111856 bytes (86169 bytes downloaded) [11048]Thu Apr 06 11:27:27 2017(3): Database 'aqualnx32' version '1491462989' db_size '369178908', free '266298535936'

[11048]Thu Apr 06 11:27:29 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_07' - 'aqualnx32' version '1491462989' from fsbwserver.f-secure.com, 369178908 bytes (5283 bytes downloaded)

[ 5464]Thu Apr 06 11:27:29 2017(2): Update check completed successfully.

[ 5464]Thu Apr 06 11:28:31 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_07' : Success

MJ-perComp

Well, on the PMS the FSAUA-log looks very fine.
The AUA-Client requests Updates from fsbwserver, which is completly correct.

Now, what does the client's fsaua.log look like?

vis

Hmm...This from my workstation.

 

[10380]Thu Apr 06 10:09:24 2017(2): Connecting to http://192.168.168.206:80 (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 10:09:25 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)
[10380]Thu Apr 06 10:10:26 2017(2): Connecting to http://192.168.168.206:80 (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 10:10:27 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)
[10380]Thu Apr 06 10:10:27 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 8348]Thu Apr 06 10:10:31 2017(3): Database 'aquawin32' version '1491455666' db_size '369117530', free '72304078848'
[ 8348]Thu Apr 06 10:10:32 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_05' - 'aquawin32' version '1491455666' from fsbwserver.f-secure.com, 369117530 bytes (545249 bytes downloaded)
[10380]Thu Apr 06 10:10:32 2017(2): Update check completed successfully.
[ 9292]Thu Apr 06 10:10:49 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_05' : Success
[10380]Thu Apr 06 11:10:32 2017(2): Connecting to http://192.168.168.206:80 (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 11:10:33 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)
[10380]Thu Apr 06 11:11:33 2017(2): Connecting to http://192.168.168.206:80 (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 11:11:35 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)
[10380]Thu Apr 06 11:11:35 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[ 8632]Thu Apr 06 11:11:38 2017(3): Database 'aquawin32' version '1491459251' db_size '369133742', free '72288763904'
[ 8632]Thu Apr 06 11:11:39 2017(3): Downloaded 'F-Secure Aquarius Update 2017-04-06_06' - 'aquawin32' version '1491459251' from fsbwserver.f-secure.com, 369133742 bytes (247966 bytes downloaded)
[10380]Thu Apr 06 11:11:39 2017(2): Update check completed successfully.
[ 9292]Thu Apr 06 11:11:58 2017(3): Installation of 'F-Secure Aquarius Update 2017-04-06_06' : Success
[10380]Thu Apr 06 11:21:56 2017(2): Connecting to http://192.168.168.206:80 (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 11:21:57 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)
[10380]Thu Apr 06 11:21:57 2017(2): Connecting to fsbwserver.f-secure.com (no BW proxy, no HTTP proxy)...
[10380]Thu Apr 06 11:21:57 2017(2): Update check completed successfully. No updates are available.

MJ-perComp

This line indicates that PMS:80 is not reachable:

---

@vis wrote:

[10380]Thu Apr 06 10:09:25 2017(3): Update check failed. There was an error connecting http://192.168.168.206:80 (Connection failed)

Please disable any Proxy settings for your browser and open http://192.168.168.206:80/B as requested in the previous post (follow the steps as previously explained).

most likely the server's firewall is not configured correctly!