Unable to Download Packages when Client Machines are in CEM mode. SMP as their Internet Site Server

book

Article ID: 185398

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

CEM (Cloud-Enabled Management) Clients are unable to download packages while off-network. CEM clients are able to connect successfully and can update configuration and send basic inventory, but packages are not downloading. 
 
The customer has the following setup:
  • They only have one Site Server
  • Their SMP is their Site Server
  • Their SMP is also their Internet Site Server 
  • No other Site Servers are present on their environment

The CEM machine agent log shows entries like:

Download Snapshot: https://SMPserver.domain.com/Altiris/PS/getpackagesnapshot.asp?Resource={53FE9312-F1D2-46C7-8842-E9874CE500B2}&PackageId={38D69D83-1C94-40EC-AAD1-26CB765AF9EF}&compress=1
-----------------------------------------------------------------------------------------------------

Operation 'CEM: Get' failed.
Protocol: HTTPS
Host: 
SMPserver.domain.com:443
Path: /Altiris/PS/getpackagesnapshot.asp
Connection Id: 12.1256
Communication profile Id: {E1E07D92-B3D8-4A75-BEC2-4961B2A48378}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 404: The requested URL does not exist on the server or the server is down (0x8FA10194)
Error note: Empty response content received
------------------------------
-----------------------------------------------------------------------


Download Snapshot failed: HTTP status 404: The requested URL does not exist on the server or the server is down (-1885273708)
-----------------------------------------------------------------------------------------------------


Error while downloading package: HTTP status 404: The requested URL does not exist on the server or the server is down
-----------------------------------------------------------------------------------------------------



Looking at the Gateway, we only see this type of error:

Exception during receive from [ip:106.28.51.192:53292, id:1bfb5e69-6c0b-44f1-acbb-8dba56cc98f0, type: Client, disposed: False] and sending to [ip:132.14.253.27:55576[132.14.123.125:4726], id:7746155b-a846-415d-a521-261a3794a060, type: Server, disposed: False]: System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
--- End of inner exception stack trace ---

Cause

Misconfiguration. Having the SMP as the only available Site Server and also their assigned Internet Site Server, it is a scenario that was not tested nor recommended. 

Since the SMP is the only Site Server, having it assigned as their Internet Site Server was redundant and caused this issue (conflict on getting the right package references).

It is recommended to have a separate Site Server that could also function as the Internet Site Server rather than the SMP itself.

Environment

ITMS 8.5 RU3

Resolution

Remove the SMP as Internet Site Server:

  1. On the SMP Console, go to Settings>Notification Server>Site Server Settings>Site Management>Internet Sites>Default Internet Site>Site Servers 
  2. Remove the SMP as Internet Site Server
  3. Update configuration on CEM client. Packages should start downloading.

Additional Information

Agent Entry 1:

Download Snapshot: https://SMPserver.domain.com/Altiris/PS/getpackagesnapshot.asp?Resource={53FE9312-F1D2-46C7-8842-E9874CE500B2}&PackageId={38D69D83-1C94-40EC-AAD1-26CB765AF9EF}&compress=1
-----------------------------------------------------------------------------------------------------
Date: 2/19/2020 2:16:45 PM, Tick Count: 88671484 (1.00:37:51.4840000), Size: 434 B
Process: AeXNSAgent.exe (1256), Thread ID: 1464, Module: AeXPackageDelivery.dll
Priority: 4, Source: PackageDownload


 

Agent Entry 2:

Operation 'CEM: Get' failed.
Protocol: HTTPS
Host: 
SMPserver.domain.com:443
Path: /Altiris/PS/getpackagesnapshot.asp
Connection Id: 12.1256
Communication profile Id: {E1E07D92-B3D8-4A75-BEC2-4961B2A48378}
Throttling: 0 0 0
Error type: HTTP error
Error code: HTTP status 404: The requested URL does not exist on the server or the server is down (0x8FA10194)
Error note: Empty response content received
Server HTTPS connection info:
Server certificate:
Serial number: 0e 4a 79 82 9c 39 94 25 5d 78 b0 f6 01 74 bd 78
Thumbprint: 72 ec 81 75 f5 f9 cc 41 58 52 95 5a 43 94 c7 7f f9 59 8f 3f
Cryptographic protocol: TLS 1.2
Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Cipher algorithm: AES
Cipher key length: 256
Hash algorithm:
Hash length: 0
Key exchange algorithm: ECDH
Key length: 255
Gateway HTTPS connection info:
Server certificate:
Serial number: 36 38 3d 03 33 42 b3 17 00 00 00 00 50 f8 0f f0
Thumbprint: 54 f8 d4 a9 5e de 37 88 a7 37 3f bc 78 81 20 45 9c ae f9 5c
Cryptographic protocol: TLS 1.2
Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Cipher algorithm: AES
Cipher key length: 256
Hash algorithm:
Hash length: 0
Key exchange algorithm: ECDH
Key length: 255
-----------------------------------------------------------------------------------------------------
Date: 2/19/2020 2:16:45 PM, Tick Count: 88671734 (1.00:37:51.7340000), Size: 1.53 KB
Process: AeXNSAgent.exe (1256), Thread ID: 1464, Module: AeXNetComms.dll
Priority: 1, Source: NetworkOperation

 


Agent Entry 3:

Download Snapshot failed: HTTP status 404: The requested URL does not exist on the server or the server is down (-1885273708)
-----------------------------------------------------------------------------------------------------
Date: 2/19/2020 2:16:45 PM, Tick Count: 88671734 (1.00:37:51.7340000), Size: 370 B
Process: AeXNSAgent.exe (1256), Thread ID: 1464, Module: AeXPackageDelivery.dll
Priority: 1, Source: PackageDownload

 


Agent Entry 4:

Error while downloading package: HTTP status 404: The requested URL does not exist on the server or the server is down
-----------------------------------------------------------------------------------------------------
Date: 2/19/2020 2:16:45 PM, Tick Count: 88671734 (1.00:37:51.7340000), Size: 363 B
Process: AeXNSAgent.exe (1256), Thread ID: 1464, Module: AeXPackageDelivery.dll
Priority: 1, Source: PackageDelivery



Gateway Log Entry:


Exception during receive from [ip:106.28.51.192:53292, id:1bfb5e69-6c0b-44f1-acbb-8dba56cc98f0, type: Client, disposed: False] and sending to [ip:132.14.253.27:55576[132.14.123.125:4726], id:7746155b-a846-415d-a521-261a3794a060, type: Server, disposed: False]: System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
--- End of inner exception stack trace ---
at System.Net.Security.SslStreamInternal.<FillBufferAsync>g__InternalFillBufferAsync|38_0[TReadAdapter](TReadAdapter adap, ValueTask`1 task, Int32 min, Int32 initial)
at System.Net.Security.SslStreamInternal.ReadAsyncInternal[TReadAdapter](TReadAdapter adapter, Memory`1 buffer)
at System.Threading.Tasks.TaskToApm.End[TResult](IAsyncResult asyncResult)
at System.Net.Security.SslStream.EndRead(IAsyncResult asyncResult)
at InternetGateway.SslSocket.SafeRead(IAsyncResult res)
-----------------------------------------------------------------------------------------------------
Date: 2/19/2020 2:12:07 PM, Tick Count: 0 (00:00:00), Size: 1.24 KB
Process: InternetGateway (6200), Thread ID: 31, Module: InternetGateway.exe