Policy request failed, COM error: An existing connection was forcibly closed by the remote host (0x80072746)

book

Article ID: 170617

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

Client machines are failing in getting configuration or sending basic inventory.

The agent logs shows messages like these ones:

Policy request failed, COM error: An existing connection was forcibly closed by the remote host (0x80072746)

-OR-

Error type: Network error
Error code: An existing connection was forcibly closed by the remote host (10054)


While trying to reach the actual SMP server, we were able to ping but if we tried like opening the Console, we got "page can't be displayed". If we used the actual IP Address worked. We added the IP and name references into the Host file but it didn't help.
We noticed some type of delay when we were trying to reach the get configuration or post pages.
As well if we tried to reach the NSCAP or any other share on the SMP, we either saw a long delay to reach the destination or we had to use the IP address to reach out.

Message 1:

Policy request failed, COM error: An existing connection was forcibly closed by the remote host (0x80072746)
-----------------------------------------------------------------------------------------------------
Date: 11/9/2017 2:33:53 PM, Tick Count: 574619433 (6.15:36:59.4330000), Size: 341 B
Process: AeXNSAgent.exe (1052), Thread ID: 2988, Module: AeXNSAgent.exe
Priority: 1, Source: ConfigServer
 

Message 2:

Operation 'Direct: Post' failed.
Protocol: HTTPS
Host: mySMP.domain.com:443
Path: /altiris/NS/Agent/GetClientPolicies.aspx
Id: 1818.1052
Error type: Network error
Error code: An existing connection was forcibly closed by the remote host (10054)
Error note: SocketIOStrategySyncSelect::Send error
Server HTTPS connection info:
Server certificate:
Serial number: 24 83 2c d9 99 e7 c3 b8 4a 85 ce e3 df 55 ea 58
Thumbprint: eb 5f 9e 7d dc 3f 71 08 8f f0 20 a5 fd e7 c6 13 28 4f 72 a3
Cryptographic protocol: TLS 1.0
Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
Cipher algorithm: AES
Cipher key length: 256
Hash algorithm: SHA1
Hash length: 160
Key exchange algorithm: ECDH_P256
Key length: 256
-----------------------------------------------------------------------------------------------------
Date: 11/9/2017 2:33:53 PM, Tick Count: 574619433 (6.15:36:59.4330000), Size: 1022 B
Process: AeXNSAgent.exe (1052), Thread ID: 2988, Module: AeXNetComms.dll
Priority: 1, Source: NetworkOperation

 

Cause

There was a network configuration issue. Apparently SMB traffic was not being passed properly.  Their MTU size was modified from its defaul value of 1500. They increased it to 9000 and it caused the issue. We changed back from 9000 to 1500 on the servers at that site. 

Environment

ITMS 8.1

Resolution

Check if the MTU size has been changed on the affected machine.

  1. Use netsh command that gives you the MTU size actually:

    Netsh interface ipv4 show interface
     
  2. Then, you can change it using a netsh command:

    Netsh ipv4 set subinterface “xx” MTU=1500 store=persistent
    where xx is the Idx number of the network adapter you want to change (retrieved from the first command).
     
  3. After the change, try again reaching out the pages that were failing to access.