ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Status of SEPM Controller connection is "Authentication error"


Article ID: 225661


Updated On:


Endpoint Detection and Response


Status of SEPM Controller connection is "Authentication error".

Previously, the status was "Healthy" and no changes were made to the configuration of the SEPM Controller connection on the Settings > Global page of EDR UI.


Multiple possible causes: 

  • cannot connect from EDR to SEPM,
  • name resolution fails
  • cannot create an SSL connection from EDR to SEPM,
  • SSL certificate expired
  • invalid credentials for connecting to SEPM


To test for basic TCP connectivity, use tcp_check -t IP_OF_SEPM
To check name resolutions, use tcp_check -t NAME_OF_SEPM
To test for SSL connectivity, use tcp_check -s NAME_OF_SEPM
To test SEPM credentials, use those credentials to login to SEPM

DNS checks, check certificate for SAN entries and expiration date. 

record pcap while editing and saving SEPM Controller connection