
Network scanner communication error with the management platform


Article ID: 201554


Products

Endpoint Detection and Response

Issue/Introduction

Network scanner communication error with the management platform

 

Cause

There are multiple possible causes:

  • Version mismatch between EDR scanner and EDR management server
  • Network communications issue between EDR scanner and EDR Management Server
  • Service down on EDR management server (usually the web UI will also be down in this scenario)

Environment

Release : 4.4.0

Resolution

PLEASE NOTE: For a network scanner to communicate with its configured management appliance, it must be running the same version of EDR as the management appliance.

If you are still experiencing communication errors between the scanner and its manager, complete the following steps to assist in triaging the issue.

  1. Navigate to the web UI of the EDR management server
  2. On Settings > Appliances, note how many EDR appliances are present
  3. If EDR has only a single Appliance with both the Management and Scanner roles on the same machine, collect a diagnostic and contact support. 
  4. Open the property sheet for the EDR appliance with the Management role and confirm the version.
  5. Open the property sheet for each individual scanner. On each property sheet, hover the mouse over the halo (the big ring around the scanner graphic icon). Note which scanners display the message "Network scanner communication error with the management platform"
  6. For each scanner which shows "Network scanner communication error with the management platform" on its halo, at the CLI prompt of the EDR scanner, confirm the software version by typing: show -v
  7. If output from show -v does not match the software version of the EDR Management server from the web UI, check whether a previous update failed by typing: update status
  8. If update status shows an error, troubleshoot and resolve before continuing
  9. To check the scanner for trouble, type: status_check
  10. If status_check indicates a problem communicating with the Management Server, type: tcp_check -t IP_OF_MGMT_SERVER -p 5672
  11. If the basic tcp_check works, check SSL communications by typing: tcp_check -v -s IP_OF_MGMT_SERVER -p 5672
  12. To check for a service failure on the CLI of the management server, type: status_check
  13. To confirm that the TCP packets are arriving at port 5672, on the CLI of the management server, type: tcpdump -p 5672
  14. While tcpdump is running on the Management server, on the CLI of the scanner, repeat the tcp_check -t and tcp_check -s commands.
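
The TCP-then-SSL distinction in steps 10 and 11 can also be reproduced from another host on the scanner's network segment, which helps show whether the failure is in the network path or on the scanner itself. The following is an added example, not Broadcom tooling and not part of the original article; the function name probe is hypothetical, and port 5672 is taken from the steps above.

```python
import socket
import ssl
import sys

AMQP_PORT = 5672  # port used by the tcp_check steps in this article


def probe(host, port=AMQP_PORT, timeout=3.0):
    """Return (verdict, detail); verdict is one of
    'tcp_unreachable', 'tcp_ok_tls_failed' or 'tls_ok'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Refused, timed out (filtered) or no route: check firewalls and
        # routing, or a stopped service on the management server.
        return "tcp_unreachable", f"{type(exc).__name__}: {exc}"

    # Reachability test only. Certificate validation is deliberately off
    # (assumption: the appliance certificate may not chain to this host's
    # trust store). Never reuse this context for real traffic.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock) as tls:
            # Handshake completed: report negotiated protocol and cipher.
            return "tls_ok", f"{tls.version()} {tls.cipher()[0]}"
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        # The port answered but the TLS handshake did not complete;
        # compare with the tcp_check -v -s output from the scanner.
        return "tcp_ok_tls_failed", f"{type(exc).__name__}: {exc}"
    finally:
        sock.close()


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python probe.py IP_OF_MGMT_SERVER
        print(*probe(sys.argv[1]))
```

A tcp_unreachable verdict from a host where the scanner's own tcp_check -t also fails points at the network path or the service on the management server rather than at the scanner.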

If the triage routine does not point to a cause, collect a diagnostic from the Management Server (see Downloading SEDR diagnostics from the appliance web interface for steps on how to generate and download the files) and screenshots of the CLI output from the scanners showing the message, then create a case with BROADCOM SUPPORT.