WithSecure Linux Security 64 is not connecting to the Policy Manager Server and is not visible in the "Import New Host" tab in Policy Manager Console

Issue:

WithSecure Linux Security 64 is not connecting to the Policy Manager Server and it is not visible in the "Import new hosts" tab in Policy Manager Console.

Resolution:

Check the "/var/opt/f-secure/fspms/logs/request.log" file of Policy Manager server whether there is any request from that Linux client by searching for its IP address in the log file.

If there is such information in the logs, it means that the Linux client is able to reach the Policy Manager server successfully.

If you could not find it, then you need to check the connectivity status from the Linux client to the Policy Manager server and make sure that the connection could be established successfully.

How to check the connectivity status:

Open any browser at the client side, enter the URL of the Policy Manager Server (example: https://hostname_or_ip:port_number) and check if a WithSecure Policy Manager page with the following content is displayed:

"If you see this message, F-Secure Policy Manager Server is installed and is working fine.

F-Secure Policy Manager Server's host interface status can be checked here.

F-Secure Policy Manager Server's management public key used by clients to verify validity of distributed policies can be downloaded from here."

Alternatively, you could also check the current connectivity status from your Linux Security 64 client to the Policy Manager Server by running the command below.

curl -o https-host -k https://hostname_or_ip:port_number

Notes:

Default port number for the client connection to the Policy Manager server is "443". If you have changed it to any other port number, use it instead.

If the connection could be established successfully and the issue still persists, you could consider to configure the address of Policy Manager Server using the server's IP address instead of hostname during the creation of the installation package and check if there is any improvement.

If the result is still the same, open a support request and provide the diagnostic files (FSDIAG) from both Linux Security 64 client and Policy Manager server for further investigation.

In case of Linux Security 64:

Run the following command on Terminal and the diagnostic file (fsdiag-linuxsecurity-yyyymmddxxxxxx.tar.gz) will be created under the "/var/opt/f-secure/linuxsecurity" directory.

# /opt/f-secure/linuxsecurity/bin/fsdiag.sh

In case of Policy Manager server:

Run the following command on Terminal and the diagnostic file (fsdiag.tar.gz) will be created under the current directory.

# /opt/f-secure/fspms/bin/fsdiag

Notes: You may refer to the following community article for more details.
https://community.f-secure.com/common-business-en/kb/articles/5514-how-do-i-create-an-fsdiag-file-on-linux-systems

Other than the information above, submission of the screenshot(s) when the host is missing on Policy Manager Console is also needed for the investigation.

Article no: 000016582