Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Checking the connection between the server and clients in OfficeScan/Apex One

    • Updated:
    • 22 May 2019
    • Product/Version:
    • Apex One 2019
    • Apex One All.All
    • OfficeScan 10.6
    • OfficeScan 11.0
    • OfficeScan 11.0
    • OfficeScan XG
    • OfficeScan XG.All
    • Platform:
    • Windows 10 32-bit
    • Windows 10 64-bit
    • Windows 2003 Datacenter 64-bit
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Server R2
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2008 32-Bit
    • Windows 2008 64-Bit
    • Windows 2008 Datacenter
    • Windows 2008 Datacenter 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Server Core
    • Windows 2008 Server R2 Enterprise
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
    • Windows 2008 Web Server Edition
    • Windows 2008 Web Server Edition 64-bit
    • Windows 2012 Datacenter R2
    • Windows 2012 Enterprise
    • Windows 2012 Enterprise R2
    • Windows 2012 Server Essential R2
    • Windows 2012 Server Essentials
    • Windows 2012 Standard
    • Windows 2012 Standard R2
    • Windows 2012 Web Server Edition
    • Windows 7 32-Bit
    • Windows 7 64-Bit
    • Windows 8 32-Bit
    • Windows 8 64-Bit
    • Windows 8.1 32-Bit
    • Windows 8.1 64-Bit
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows XP Home
    • Windows XP Professional
    • Windows XP Professional 64-bit
Summary

Confirm that the server and OfficeScan clients are able to communicate successfully. These steps are useful in:

  • Isolating pattern and scan engine update issues
  • Troubleshooting clients/agents that appear offline or disconnected, or are missing in the console
  • VPN connection check
Details
Public

To investigate communication issues between the server and the client, you need to verify their connection: 

 

OfficeScan and Apex One use 2-way communication. The agent connects to the server for updates, log uploads, quarantine uploads, and other processes. The server will make connections to the agents to verify their Online/Offline status, as well as to notify agents of changes to configurations and available updates.

More information on the necessary ports and protocols can be found at Ports and protocols used by OfficeScan that should be allowed through a firewall or router.

Please also review this article regarding HTTPS / TLS traffic: Potential issues with HTTPS communication in OfficeScan XG Service Pack 1.

  1. Identify the agent IP and listening port:
    • To identify from the server, navigate to Agents > Agent Management > Locate the endpoint.

      You can identify the IP Address for the endpoint, and the listening port configured.

       
      For accurate results, the IP address should be verified on the agent side as communication issues could prevent the IP Address from updating on the console correctly when it changes at the endpoint.

      Check connection

    • To identify from the endpoint, open a command prompt and run ipconfig to find the IP Address, and then right-click on the agent iconin the system tray and choose "Component Versions".

      At the top of the window will display the listening port.

      Check connection

  2. On the OfficeScan/Apex One server:
    1. Open Internet Explorer.
    2. In the address bar, enter the following address replacing the IP and port where indicated:

      https://<endpoint IP>:<agentport>/?CAVIT

      CAVIT must be capitalized. For agents before OfficeScan XG SP1, http must be used instead of https as the communication did not switch to https until XG SP1.

    3. Hit Enter.

      For a successful connection, a warning about the certificate will appear. This is expected as the agent uses an internal signed certificate. Proceed past the warning and a page with a string of text starting with !CRYPT! should appear.

      If an error or blank page appears, this test is failed and communication is not occurring.

      Check connection

      Check connection

  1. Identify the Server IP/FQDN and listening ports.
    • IP/FQDN can be gotten from the web console address, ipconfig as in Step 1, or web console by Web Console > Administration > Agent Connection.
    • Ports can be identified either by:
      • Web Console > Administration > Agent Connection
      • IIS Manager > Sites > OfficeScan > Edit Bindings

        Check connection

  2. Open a web browser on the testing endpoint.
  3. In the address bar, enter the following address replacing the IP and port where indicated:

    https://<OSCE|Apex One SERVER IP>:<https port>/officescan/cgi/cgionstart.exe

    For agents before OfficeScan XG SP1, http must be used instead of https as the communication did not switch to https until XG SP1. The HTTP port (default 8080) should also be used in this case.

    A blank page with a -2 should appear in the upper-left if successful.

  4. Also verify if the agent is configured to use these correct ports and IP/FQDN:
    1. Right-click the agent in the system tray.
    2. Choose "Component Versions".
    3. Verify the Server name/port: line is correct.

      Check connection

From a testing endpoint, open a web browser and enter the following address replacing the IP and port where indicated:

https://<OSCE|Apex One Server IP/FQDN>:<HTTPS PORT>/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104

Example:

Check connection

Result:

Check connection

When using this test, the "Do not save encrypted page to disk" setting must be disabled as shown below. Otherwise, the test will fail.

Check connection

If any of the above steps failed, we will want to verify we can reach the remote port on the machine to verify if the port is blocked/closed, or we are getting an unexpected response.

To test a port before Windows 8.1/2012 R2:

  1. Download the PortQry Tool from Microsoft and extract it to the machine you want to test from.
  2. Run from a command-line:

    PortQry.exe –n <remote IP/FQDN> -e <port>

    Example from server to endpoint using information from above:

    Check connection

    Example from endpoint to server using information from above:

    Check connection

To test a port from Windows 8.1/2012 R2 and up:

  1. Open a Powershell window on the machine testing from.
  2. Use the Test-NetConnection command:

    Test-NetConnection –ComputerName “<ComputerName>” (or IP) –Port <PortNumber>

    Example from server to endpoint using information from above:

    Check connection

    Example from endpoint to server using information from above:

    Check connection

  1. Open a command prompt on the machine to verify.
  2. Run the following command to verify the port state with the Windows Firewall:

    Netsh firewall show state

    Example:

    Check connection

Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1037975
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.