The Messaging Gateway (SMG) control center is unable to communicate with the SMG scanner resulting in a number of potential issues:
2018-01-09T21:41:13+05:30 (ERROR:2422.54671328):  Error creating new connection: Unknown error 336150661.
Jan 09 2018 21:41:13 [BrightmailScheduler_Worker-33] [ScriptHelper] ERROR - com.symantec.smg.controlcenter.BrightmailException: The Agent running on 127.0.0.1 is temporarily unreachable. Please check the specified host. ; nested exception is: java.net.SocketException: Connection reset
Running netstat on the SMG scanner when it is in this state will also show a number of connections in the SYN_RECV state indicating that the TCP connections are only half open:
smg [10.7.5-4]> netstat -tn | grep 41002
tcp 0 0 192.168.100.25:41002 192.168.100.100:59162 SYN_RECV
tcp 0 0 192.168.100.25:41002 10.255.1.44:51440 SYN_RECV
tcp 0 0 192.168.100.25:41002 10.255.1.44:51446 SYN_RECV
tcp 0 0 192.168.100.25:41002 10.255.1.44:51450 SYN_RECV
tcp 0 0 192.168.100.25:41002 10.255.1.44:51448 SYN_RECV
tcp 0 0 192.168.100.25:41002 10.255.1.44:51442 SYN_RECV
tcp 0 0 192.168.100.25:41002 192.168.100.100:59160 SYN_RECV
Packet captures of connections to the affected SMG scanner also show retransmissions of the SYN-ACK indicating that on the scanner the TCP connection is only half open:
Network security scanners can, over time, cause the agent service on Messaging Gateway to become unresponsive.
The workaround is to restart the agent service on each SMG scanner, one at a time. This should alleviate the issue temporarily.
On the command line run "service agent restart".
This issue will be addressed with a future release but until then it's best to exempt port 41002 on the Messaging Gateway from internal port scans.