Symantec Download Manager unable to reach cloud resources

book

Article ID: 221136

calendar_today

Updated On:

Products

Endpoint Protection Cloud

Issue/Introduction

You created the Symantec Endpoint Security (SES) Cloud agent (Symantec_Agent_setup.exe) from the Integrated Cyber Defense Manager (ICDm). When you launch the Symantec Endpoint Security (SES) Cloud agent installation (Symantec_Agent_setup.exe) on a Windows system, it failed with the following error messages.

Cause

FSDLauncher. Log
2021-06-12-01-31-22-146 : 0x15B0 : Error : Unable to connect https://usea1.r3.securitycloud.symantec.com/r3_epmp_i/status, hr 0x80072F8F

Environment

SES, SEP 14.x

Resolution

Use PSEXEC.EXE to SPOC Test with SYSTEM account and determine if Symantec Endpoint Security (SES) is able to communicate with Symantec the ICDm cloud console and connect specific URLs that Symantec owns to perform multiple functions.   The following procedure is provided as an example of how you can use the Microsoft SysInternal tool PsExec.exe test the connections.  

For a free download of PsExec.exe, and information about this tool, visit PsTools Jump in the Windows Sysinternals web site on TechNet.
 
Download PSExec from Microsoft Sysinternal tools
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

We will use the PSExec tool here to do a SPOC Test with SYSTEM account.  SPOC is the Cloud notification service which get used to notify the client to check into the cloud services.

1. Copy or move the psexec.exe to new folder ‘Ex: C:\test’

2. Go to the DOS Command Prompt as local Administrator

3. Run Powershell.exe

4. Type the following command to launch a second Powershell cmdlet

Start-Process -FilePath cmd.exe -Verb Runas -ArgumentList '/k C:\Path\To\psexec.exe -i -s powershell.exe'

Note: The path to the psexec.exe should be C:\test\psexec.exe

5. Type the command to validate SYSTEM account

whoami

Expected result - NT authority\system

6. Invoke the following test commands

Test-NetConnection sep.securitycloud.symantec.com -Port 443
Test-NetConnection usea1.r3.securitycloud.symantec.com -Port 443
Test-NetConnection us.spoc.securitycloud.symantec.com -Port 443
Test-NetConnection usea1.r3.securitycloud.symantec.com -Port 443
Test-NetConnection liveupdate.symantec.com -Port 443
Test-NetConnection liveupdate.symantecliveupdate.com -Port 443

 

Example of the results you will get:

  Test-NetConnection us.spoc.securitycloud.symantec.com -Port 443
  Expected result
  ComputerName     : us.spoc.securitycloud.symantec.com
  RemoteAddress    : <REMOTE IP>
  RemotePort       : 443
  InterfaceAlias   : tap91327765-c0
 SourceAddress    : <Local IP>
 TcpTestSucceeded : True

7. Type Exit to quit

If any of the above tests fail, please consult your local network administrator to help determine why.  A failure of the above is a result of a bad network path.

 

Additional Information

URLs that allow SEP and SES to connect to Symantec servers
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Troubleshooting/urls-to-whitelist-for-v129099891-d4155e9710.html

Firewall requirements
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/cloud-workload-protection/1-0/Getting_Started_1/firewall-requirements-in-v121465361-d187e8066.html

Another cause for the same error could be a missing certificate. Please verify that the certificate for usea1.r3.securitycloud.symantec.com is installed as per this article:

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Troubleshooting/installing-root-certificates-v129851161-d4155e10147.html

Attachments