Verifying the connection between the Server and Security Agent in Worry-Free Business Security (WFBS)

Product / Version includes:

Worry-Free Business Security Standard9.0 , Worry-Free Business Security Advanced8.0 , Worry-Free Business Security StandardAll , Worry-Free Business Security Standard8.0

Last updated: 2021/08/28

Solution ID: KA-0005850

Category: Configure , Troubleshoot

Summary

Verify that the server and Security Agents are able to communicate successfully. These steps will benefit the following:

Isolating pattern and scan engine update issues
Troubleshooting clients/agents that appear offline or disconnected, or are missing in the console
VPN connection check

For WFBS 7.0, refer to the article: Performing connection checks.

To investigate communication issues between the server and the agent, you need to verify the connection:

Use the same server and client/agent for all the steps.
Make sure to take screenshots of all the results you get.
To enable the telnet command in Windows 7, follow the steps in the Microsoft article: Enabling telnet client in Windows 7.

From the Security Server, ping the IP address of the client/agent that has the issue.
On the Client Security Agent, open the Registry Editor (regedit.exe).

Important: Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.

In 64 bit environments, the product is always found in the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Note\TrendMicro\PC-cillinNTCorp\CurrentVersion hive.
Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion hive and take note of the value for the registry key "LocalServerPort". This is the client/agent port. Use the decimal value.
Go back to the Security Server, then open a command prompt and run this command:
telnet<space><client IP address><space><value of the client port>
Open Internet Explorer then type the following in the address bar:
http://<client's IP address>:<local server port>/?CAVIT
Example: http://192.168.16.10:12345/?CAVIT
If you get a result "!CRYPT!...", it means that the port is open in the client/agent and the connection from server to client/agent should work. Otherwise, there is a problem with the connection.
On the Client Server Security Agent, open the Registry Editor (regedit.exe).

Important: Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion hive and take note of the values of the following registry keys:
- "Server" - This is the server name the /agent is reporting to.
- "ServerPort" - This is the server port number of the Security Server. Use the decimal value.
If you are using WFBS 8.0 and 9.0, perform steps a-d. Otherwise, go to Step 9.

Steps 8a-8d are only necessary for issues with the Smart Scan feature, which is only available in WFBS versions 7.0 and above.
1. Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\iCRC\Scan Server hive.
2. Take note of the value for the "LocalScanServerUrl" registry key. This is the server name of the client/agent.
3. To verify if the Smart Scan server is available, open Internet Explorer, then type the following URL in the address bar:
  https://<server>:<port>/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104
  
  Example:
  
  https://10.10.12.171:4345/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104
  
  If the browser returns a File Download Security Warning pop-up window, the Scan Server is enabled and accessible:
  
  File Download: Security Warning
  Do you want to save this file?
  Name: tmcss
  Type: Unknown File Type, 4 bytes
  From: <Server_name>
  
  When using this test, the "Do not save encrypted page to disk" setting must be disabled as shown below. Otherwise, the test will fail.
  
  Make sure to use the port you find in your registry:
  
  For WFBS 8.0 or 9.0 the port normally found in the registry is 8082.
4. Go to Step 10.
From the agent, ping the server name of the Security Server.
telnet<space><server name><space><value of the server port>

For the server name, make sure to use the full name you find in the registry key "Server".

To enable the telnet command in Windows 7, follow the steps in the Microsoft article: Enabling telnet client in Windows 7.
Open Internet Explorer then type the following URL in the address bar:
- For OfficeScan: "http://<server name>:<value of the server port>/officescan/cgi/cgionstart.exe"
- For WFBS: "http://<server name>:<value of the server port>/SMB/cgi/cgionstart.exe"
If the next screen shows "-2", this means the client/agent can communicate with the server. Otherwise, there is a problem with the connection.
Send the screenshots of the results to Trend Micro Technical Supportfor further analysis.

For WFBS 7.0 or later, also send the file you obtained in Step 8c.

For offline agents, run the following command to check if the tmlisten port is open:

netsh firewall show state

Example:

firewall status

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Verifying the connection between the Server and Security Agent in Worry-Free Business Security (WFBS)

Verifying the connection between the Server and Security Agent in Worry-Free Business Security (WFBS)

Product / Version includes:

Summary