Error 3900: Internal Communications error

book

Article ID: 170745

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

System alerts generated in the Enforce console for an error with the connection to the endpoint server. 

"Internal communications error. Please see Aggregator.log for errors. Search for the string TC - Unexpected Exception"

File: Endpoint_Server\logs\debug\Aggregator5.log
Date: 11/2/2017 6:40:50 PM
Class: com.symantec.dlp.communications.common.activitylogging.JavaLoggerImpl
Method: log
Level: SEVERE
Message:  
java.lang.IllegalStateException: SSLEngine already closed
    at org.jboss.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1074)
    at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(SslHandler.java:623)
    at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
    at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:784)
    at org.jboss.netty.channel.SimpleChannelHandler.writeRequested(SimpleChannelHandler.java:292)
    at org.jboss.netty.channel.SimpleChannelHandler.handleDownstream(SimpleChannelHandler.java:254)
    at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
    at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:582)
    at org.jboss.netty.channel.Channels.write(Channels.java:704)
    at org.jboss.netty.channel.Channels.write(Channels.java:671)
    at org.jboss.netty.channel.AbstractChannel.write(AbstractChannel.java:248)
    at com.symantec.dlp.communications.transportlayer.impl.NettyTransportConnection$WriteOutboundDataTask.run(NettyTransportConnection.java:1588)
    at com.symantec.dlp.communications.transportlayer.impl.PrioritizedTaskQueue.run(PrioritizedTaskQueue.java:74)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
TC - Unexpected exception  for connection number 1898, '<endpoint agent>' at 2017-11-02 06:40:50. Write failed.Connection statistics

Cause

This happens because the connection to the agent was lost unexpectedly. The server didn't gracefully close the connection. We generate a system event upon unexpected connection closures.

The error is reproducable.  Killing the connection during communication between the endpoint agent and the endpoint server should reproduce the error.

Environment

Seen in DLP 14.6

Resolution

This is possibly caused by a misconfiguration in the agent configuration.  Try creating a new agent config and leaving the advanced agent configuration as close to the default as possible. 

The nature of this error is not something that we can change (probably).  If this error persists after updating the agent config, then it will have to be an expected event for the environment.