What to do if I change IP address and hostname of Symantec Endpoint Protection Manager (SEPM) computer.
Symantec Endpoint Protection (SEP) clients uses host name and IP address of SEPM to communicate with.
If you change host name and IP address of SEPM, existing clients will not be able to establish communication because there is no way to obtain new host name and IP address of SEPM.
SEPM Web console also displays a certificate error. This is because SEPM's IP address and computer name are different from those of the certificate.
To minimize the impact on the SEP client, before changing host name and IP address of SEPM, assign a management server list that uses the new host name and IP address, and the current host name and IP address. This allows SEP client to continue to communicate with SEPM after hostname and IP address is changed.
To avoid this problem, generate a new certificate after changing SEPM computer name and IP address, and match the SEPM/SEP client certificate information with the new computer name and IP address.
This procedure applies when SEPM and SEP clients communicate only over HTTPS.
You may need to be careful when recreating a certificate. The certificate change affects HTTPS communication between SEPM and SEP.
For the certificate renewal procedure that does not interfere with SEPM/SEP client communication, see the following technical information.
Update the server certificate on the management server without breaking communications with the client
Note: If the management server list is set incorrectly, SEP client will not be able to establish communication with SEPM. Pay close attention to your settings to ensure that you do not apply incorrect settings. We recommend that you assign settings to test groups in advance and check that there are no problems with the settings.
See the following technical information about certificate generation and the relationship with SEPM/SEP communication.
Generating a new server certificate
Best practices for updating server certificates and maintaining the client-server connection
If you are running SEPM 14.3 RU1 (14.3.3384.1000) and later, check Reconfiguring Symantec Endpoint Protection Manager after changing the computer's IP address and host name.
If you are using Microsoft SQL Server as the database server, and you are using a Microsoft SQL database on the same computer as SEPM, the server name used for ODBC connections is changed after the host name change. (only change the computer name of SEPM)
Follow the instructions to correct the server name used for ODBC connections.