The Messaging Gateway (SMG) control center is unable to communicate with the SMG scanner resulting in a number of potential issues:

• Message audit log queries fail and / or are delayed or spin indefinitely.
• Cannot propagate configuration changes to scanners
• Unable to view Message Queues

agent_log

2018-01-09T21:41:13+05:30 (ERROR:2422.54671328): [33048] Error creating new connection: Unknown error 336150661.

BrightmailLog.log

Jan 09 2018 21:41:13 [BrightmailScheduler_Worker-33] [ScriptHelper] ERROR - com.symantec.smg.controlcenter.BrightmailException: The Agent running on 127.0.0.1 is temporarily unreachable. Please check the specified host. ; nested exception is: java.net.SocketException: Connection reset

Running netstat on the SMG scanner when it is in this state will also show a number of connections in the SYN_RECV state indicating that the TCP connections are only half open

Packet captures of connections to the affected SMG scanner also show retransmissions of the SYN-ACK indicating that on the scanner the TCP connection is only half open

This is commonly the result of third party network monitoring software opening connections to the SMG appliance on port 41002 and failing to close those connections properly.

Network security scanners can, over time, cause the agent service on Messaging Gateway to become unresponsive. 

For versions 10.8.0 and newer:

This issue has been addressed in version 10.8.0 and newer, which introduced a local internal firewall to protect port 41002. 

For versions previous to 10.8.0:

The workaround is to restart the agent service on each SMG scanner, one at a time. This should alleviate the issue temporarily.

On the command line run the command:

service agent restart.