How to test communication from an Endpoint Protection client to the Manager
search cancel

How to test communication from an Endpoint Protection client to the Manager

book

Article ID: 151316

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Security Endpoint Security Complete

Issue/Introduction

You notice the Symantec Endpoint Protection (SEP) Client is not connecting to the Symantec Endpoint Protection Manager (SEPM), as the green dot is missing from the Symantec shield icon in the system tray (or in the Clients tab in the SEPM console).

Resolution

Windows systems

To test connectivity from a SEP client to the SEPM type the following URL in a web browser on the client:

http(s)://[SEPM_ADDR:COMMUNICATION_PORT]/secars/secars.dll?hello,secars

 

A successful connection returns a web page that displays "OK." 

 

Linux systems

Use the following command to perform a test, where SEPM_IP_OR_HOSTNAME is the IP address or hostname of the management server, and PORT is the appropriate port number.

# curl -k http(s)://SEPM_IP_OR_HOSTNAME:COMMUNICATION_PORT/secars/secars.dll?hello,secars

 

Doing so will return the HTTP response code. 200 OK, if reachable. Alternatively, using wget on the above URL will download the response page.

Additional Information

If testing an HTTP connection, the default port is 8014. If testing HTTPS, the default port is 443 and does not need to be explicitly given. If you have customized these ports in the SEPM configuration, then be sure to use the proper values here.



Proxy blocking content:
In some cases, the SECARS test outlined above may work, but content/definitions may still not download if containers are blocked by an interposing perimeter device or proxy.  If the SECARS test works but the client logs show that it us unable to download policy files or definitions from the Symantec Endpoint Protection Manager test the below command line in a browser.

Windows:
http(s)://<sepm.ip.address_or_hostname>:<sepm.communication.port>/content/contentinfo.txt

-- You should normally see a catalog text file display in the browser session.  If you do not the client is being restricted by Windows or a proxy from downloading container files.

Example : http://SEPM.IP:8014/content/contentinfo.txt/ OR  http://SEPM.Hostname:8014/content/contentinfo.txt

                 https://SEPM.IP:443/content/contentinfo.txt/  OR https://SEPM.Hostname:443/content/contentinfo.txt

Linux:
# curl -k http(s)://<sepm.ip.address_or_hostname>:<sepm.communication.port>/content/contentinfo.txt

-- You should see a text file called contentinfo.txt downloaded to the directory you executed the command from.

Example : curl -k http://SEPM.IP:8014/content/contentinfo.txt OR curl -k http://SEPM.Hostname:8014/content/contentinfo.txt

                 curl -k https://SEPM.IP:443/content/contentinfo.txt  OR curl -k https://SEPM.Hostname:443/content/contentinfo.txt