4 Replies Latest reply on Dec 27, 2016 6:24 AM by cwinning

    Agent management issue

    Dmitriy.Kolesnikov Rookie

      Hello All,

       

      We use agents to patch end-users machines with management from console - 5 remote offices, 3 separate domains. I can install remotely agents and install patches from console (without agents) on all sites and all domains. But when I try to send command from console to remote machine that works in separate domain, then I getting error 'Agent didn't respond'. I can install agents in separate domains, can install patches on machines in separate domains, but can't to manage agents. In the same time, I can send command from agent to console (check-in, update binaries) and it is successful.

       

       

      We opened ports 135 and 4155 at first, tried to disable antivirus and firewalls - no changes. May be the issue with separate domains for agents?

        • 1. Re: Agent management issue
          cwinning CommunityTeam

          Hello,

           

          1.  The Agent machine needs to have port 4155 open to listen for commands from the Protect server and the Protect server needs to have port 3121 open to receive the response back from the Agent.

          • Test 4155 from the Protect server to the target agent machine. This is for agent commands to the target machine.
          • Test 3121 from the target agent machine to the Protect server.

          (you should note if you need to use NetBIOS, FQDN or IP to make this work)

           

          2.  Ensure that DNS resolution is working correctly when contacting the Protect console system. From the client system run the following commands. The results should match up.

          • nslookup consolemachinename
          • nslookup consoleIPaddress

           

          3.  Is your Agent machine able to resolve the names in your Console Alias Editor. If needed update the Console Alias Editor by adding the IP Address, NetBIOS and FQDN. To do this in Protect go to Tools > Console Alias Editor and add the Alias needed. Then manually have your Agent check-in to update it. (do this from the target machine Agent UI or allow the Agent to check-in at it's normal time)

          ConsoleAlias.PNG

           

          4.  Is the time on your Agent Machine within 2 minutes of the time on the Console. If the times are not synced they will not communicate because of trust issues by not being able to verify the certificates.

           

          Thanks,

          Charles

          1 of 1 people found this helpful
          • 2. Re: Agent management issue
            Dmitriy.Kolesnikov Rookie

            Still not working for these users.

            • 3. Re: Agent management issue
              Dmitriy.Kolesnikov Rookie

              All options checked

              • 4. Re: Agent management issue
                cwinning CommunityTeam

                Hello,

                 

                I think it's time to open a case with Support so they can gather the required logs and other information to pinpoint the cause of this issue.

                 

                Support Portal

                 

                Thanks,

                Charles