App Control: How to Test Agent Network Connectivity (Windows)
book
Article ID: 286509
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
To test network connectivity between an endpoint and the App Control Server.
Environment
App Control Agent: All Supported Versions
Microsoft Windows: All Supported Versions
Resolution
Log in to the endpoint being tested and use a command prompt to issue the following commands:
cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli status
In the returned output, locate: Server Information > Server and note the address. Example: appserver.domain.com:41002 means the Server Address is appserver.domain.com and port is 41002.
Confirm results are successful (See Additional Notes for further reference)
Additional Information
The output of the PowerShell command should indicate that the name resolves to an IP and the TcpTest is "True"
RemoteAddress : 10.1.2.3
TcpTestSucceeded : True
If Remote address did not return the correct IP address then the DNS must be fixed
If the TcpTest is "False" then port 41002 is not accessible on the server
The output of netstat -ano | findstr "41002", should be 'ESTABLISHED' - This is necessary in order for comms to succeed between agent and server. If there is anything other than 'ESTABLISHED' (including No output), then this generally indicates some issue or other with Firewall or proxy settings, and will likely need the Infra/IT Team to help determine why Port 41002 connection was not 'ESTABLISHED', as this is not something the agent has control of, as it relies on the connection settings in order to make the 2 way communication.
If ICMP response is disabled in the environment, ping may not be successful