Client install not working without access to main server

Usage and Config Platform
1

(imported topic written by JanStraarup)

Hey everyone

I am new to Bigfix and this forum.

So i have made an installation, with a main server and 2 relays, the main server is placed in a resource domain and no clients should never have access to it.

I have made a clientsettings.cfg and used it with the setup.exe file, when i look in the registration database the relays are in place as they should be.

However the client still trys to registre to the main server.

Here is a cut out of the client log.

January 4, 2012

At 17:14:43 +0100 -

Starting client version 8.2.1093.0 built for Windows 5.0 i386

At 17:14:44 +0100 -

FIPS mode disabled by default.

At 17:14:45 +0100 -

Restricted mode

Beginning Relay Select

At 17:14:46 +0100 -

RegisterOnce: Attempting to register with ‘http://RSTEMMASTER1.resource.local:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe&ClientVersion=8.2.1093.0&Body=0&SequenceNumber=0&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-03-66-d0_10.45.105.0%2F24_10.45.105.217_0&AdapterInfo=00-50-56-c0-00-01_192.168.80.0%2F24_192.168.80.1_0&AdapterInfo=00-50-56-c0-00-08_192.168.83.0%2F24_192.168.83.1_0&AdapterIpv6=00-50-56-c0-00-01^fe80%3A%3Ad83c%3Ad223%3Aa120%3Ae0f1%2F64_0&AdapterIpv6=00-50-56-c0-00-08^fe80%3A%3A30a1%3A297b%3Aac88%3A4299%2F64_0

At 17:15:07 +0100 -

RegisterOnce: GetURL failed - General transport failure. - winsock error -6 - registration url - http://RSTEMMASTER1.resource.local:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe&ClientVersion=8.2.1093.0&Body=0&SequenceNumber=0&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-03-66-d0_10.45.105.0%2F24_10.45.105.217_0&AdapterInfo=00-50-56-c0-00-01_192.168.80.0%2F24_192.168.80.1_0&AdapterInfo=00-50-56-c0-00-08_192.168.83.0%2F24_192.168.83.1_0&AdapterIpv6=00-50-56-c0-00-01^fe80%3A%3Ad83c%3Ad223%3Aa120%3Ae0f1%2F64_0&AdapterIpv6=00-50-56-c0-00-08^fe80%3A%3A30a1%3A297b%3Aac88%3A4299%2F64_0

Regards Jan

2

(imported comment written by cstoneba)

can you post the contents of your clientsettings.cfg file? My first asumption is that something isn’t right there and the clients are trying to talk to their Main BES server for initial connections.

3

(imported comment written by JanStraarup)

__RelayServer1=http://temrelay1.domain.local:52311/bfmirror/downloads/

__RelayServer2=http://temrelay2.domain.local:52311/bfmirror/downloads/

i have replaced the domain name.

4

(imported comment written by cstoneba)

maybe yours clients can’t communicate with your temrelay1 or temrelay2 servers?

login to your client servers, then from cmd > telnet temrelay1.domain.local 52311

then press enter

if the connection works, you should see something like this:

HTTP/1.1 400 Bad Request

Server: BigFixHTTPServer/8.2.1093.0

Date: Thu, 05 Jan 2012 14:40:47 +0000

Connection: Close

Transfer-Encoding: chunked

5

(imported comment written by BenKus)

Winsock error -6 means the DNS can’t be resolved:

https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Winsock%20Error%20Codes

Ben

6

(imported comment written by JanStraarup)

Hey Again

i tested some more.

i had an error in the clientsettings.cfg so now i get a bit closer to everything running but there is still a problem.

Now with a new installation it looks like the log below, every thing seems to be ok for the first few lines.

January 9, 2012

At 11:48:27 +0100 -

Starting client version 8.2.1093.0 built for Windows 5.0 i386

FIPS mode disabled by default.

At 11:48:28 +0100 -

Restricted mode

Beginning Relay Select

At 11:48:30 +0100 -

RegisterOnce: Attempting to register with ‘http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe&ClientVersion=8.2.1093.0&Body=0&SequenceNumber=0&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:48:33 +0100 -

Unrestricted mode

Computer id changed, starting client reset

Configuring listener without wake-on-lan

Registered with url ‘http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe&ClientVersion=8.2.1093.0&Body=0&SequenceNumber=0&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

Registration Server version 8.2.1093.0 , Relay version 8.2.1093.0

At 11:48:34 +0100 -

Client resetting

Configuring listener without wake-on-lan

Unrestricted mode

At 11:48:37 +0100 -

Entering service loop

Beginning Relay Select

At 11:48:38 +0100 -

SetupListener success: IPV4/6

ShutdownListener

SetupListener success: IPV4/6

At 11:48:39 +0100 -

RegisterOnce: Attempting to register with ‘http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=1&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:49:00 +0100 -

RegisterOnce: GetURL failed - General transport failure. - winsock error -6 - registration url - http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=1&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:49:07 +0100 -

User interface process started for user ‘TLI’

At 11:49:35 +0100 -

RegisterOnce: Attempting to register with ‘http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=2&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:49:56 +0100 -

RegisterOnce: GetURL failed - General transport failure. - winsock error -6 - registration url - http://NT9TEMRELAY01.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=2&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:50:00 +0100 -

RegisterOnce: Attempting to register with ‘http://NT9TEMRELAY02.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=3&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:50:21 +0100 -

RegisterOnce: GetURL failed - General transport failure. - winsock error -6 - registration url - http://NT9TEMRELAY02.domain.com:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=8.2.1093.0&Body=9505012&SequenceNumber=3&MinRelayVersion=6.0.0.0&CanHandleMVPings=1&Root=http://RSTEMMASTER1.resource.local%3A52311&AdapterInfo=70-f3-95-04-0f-96_10.45.105.0%2F24_10.45.105.219_0&AdapterIpv6=70-f3-95-04-0f-96^fe80%3A%3A41a8%3A6a76%3A2d9%3Abe3b%2F64_0

At 11:51:07 +0100 -

7

(imported comment written by JanStraarup)

I know that -6 is DNS error but nslookup works fine and has no problems looking up the server.

8

(imported comment written by JanStraarup)

another note

it seems to work on windows xp but not on windows 7 64bit

9

(imported comment written by BenKus)

Perhaps this is related to IPv6 over VPN? We support IPv6 if it is enabled and active and we have that some VPNs react poorly to this situation.

A test would be to disable IPv6 and see if it fixes anything.

Ben

10

(imported comment written by JanStraarup)

Hey All

Thanks for the help.

It turns out that the problem was not with TEM but with mcafee HIPS, the customer was running 2 diffrent versions of HIPS on XP vs Win 7 and the problem was only there in HIPS version 8, the problem was that the Mcafee HIPS did not see the trafic as state full so it blocked all returning trafic from the server.

Mcafee has made a fix for it in HIPS version 8.1 so it is now working.

It was very strange to me that this should be a firewall problem as the telnet test worked, but i guess you learn something new every day :slight_smile:

Regards Jan