Status of SEPM Controller connection is "Authentication error".

Previously, the status was "Healthy" and no changes were made to the configuration of the SEPM Controller connection on the Settings > Global page of EDR UI.

Multiple possible causes: 

• cannot connect from EDR to SEPM,
• name resolution fails
• cannot create an SSL connection from EDR to SEPM,
• SSL certificate expired
• invalid credentials for connecting to SEPM

To test for basic TCP connectivity, use tcp_check -t IP_OF_SEPM
To check name resolutions, use tcp_check -t NAME_OF_SEPM
To test for SSL connectivity, use tcp_check -s NAME_OF_SEPM
To test SEPM credentials, use those credentials to login to SEPM

DNS checks, check certificate for SAN entries and expiration date. 

record pcap while editing and saving SEPM Controller connection