You notice the Symantec Endpoint Protection (SEP) Client is not connecting to the Symantec Endpoint Protection Manager (SEPM), as the green dot is missing from the Symantec shield icon in the system tray (or in the Clients tab in the SEPM console).
Windows systems
To test connectivity from a SEP client to the SEPM type the following URL in a web browser on the client:
http(s)://[SEPM_ADDR:COMMUNICATION_PORT]/secars/secars.dll?hello,secars
A successful connection returns a web page that displays "OK."
Linux systems
Use the following command to perform a test, where SEPM_IP_OR_HOSTNAME is the IP address or hostname of the management server, and PORT is the appropriate port number.
# curl -k http(s)://SEPM_IP_OR_HOSTNAME:COMMUNICATION_PORT/secars/secars.dll?hello,secars
Doing so will return the HTTP response code. 200 OK, if reachable. Alternatively, using wget on the above URL will download the response page.
If testing an HTTP connection, the default port is 8014. If testing HTTPS, the default port is 443 and does not need to be explicitly given. If you have customized these ports in the SEPM configuration, then be sure to use the proper values here.
Proxy blocking content:
In some cases, the SECARS test outlined above may work, but content/definitions may still not download if containers are blocked by an interposing perimeter device or proxy. If the SECARS test works but the client logs show that it us unable to download policy files or definitions from the Symantec Endpoint Protection Manager test the below command line in a browser.
Windows:
http(s)://<sepm.ip.address_or_hostname>:<sepm.communication.port>/content/contentinfo.txt
-- You should normally see a catalog text file display in the browser session. If you do not the client is being restricted by Windows or a proxy from downloading container files.
Example : http://SEPM.IP:8014/content/contentinfo.txt/ OR http://SEPM.Hostname:8014/content/contentinfo.txt
https://SEPM.IP:443/content/contentinfo.txt/ OR https://SEPM.Hostname:443/content/contentinfo.txt
Linux:
# curl -k http(s)://<sepm.ip.address_or_hostname>:<sepm.communication.port>/content/contentinfo.txt
-- You should see a text file called contentinfo.txt downloaded to the directory you executed the command from.
Example : curl -k http://SEPM.IP:8014/content/contentinfo.txt OR curl -k http://SEPM.Hostname:8014/content/contentinfo.txt
curl -k https://SEPM.IP:443/content/contentinfo.txt OR curl -k https://SEPM.Hostname:443/content/contentinfo.txt