RegisterOnce: GetURL failed - General transport failure. - 'http://127.0.0.1:52311/cgi-bin/bfenterprise/clientregister.exe?

need technical support relay and root server no network issue

bes client not reporting now and relay services also down

RegisterOnce: GetURL failed - General transport failure. - 'http://127.0.0.1:52311/cgi-bin/bfenterprise/clientregister.exe?

1.root server and relay server hostname resolution also working
2. 52311 also open and TLS 1.2 enabled

thanks

Are all the services running?

Whatever the answer, you should probably be opening a ticket with Bigfix if the client on the root server can’t report back - this forum isn’t the ideal place to get urgent technical support, especially at the weekend.

checked with bigfix support says communication issue,forum if someone had to face a similar problem the solution have deen something else

Communication issue where?

127.0.0.1 is the loopback address, the traffic never leaves your machine.

Going to need a lot more information to figure out your issue.

Do you have a ticket number from support?

As observed, 127.0.0.1 is the loopback address - is this machine a Relay? Is its parent relay reachable? Is it configure for Manual Relay Select or Automatic?

2 Likes

yes, this is a relay server I have verified root server to relay server was pinging root server DNS also reaching, i am trying to check URL

That message doesn’t look like TLS 1.2 is enabled.
Is this screenshot from the Relay attempting to connect to the Root server?
What did Support tell you? Can you share the incident number?

CS0232795

please check any solution need please

To clarify things a bit:

The client on the relay is trying to connect to 127.0.0.1, which is the loopback address. If a relay service is running on the same computer as a client the client will always try to use the relay running on the same computer via the loopback address. It will do this no matter what relay selection method you have told the client to use.

If you need to reconnect to the client, you can stop the relay service and then the client will revert to normal relay selection and find another relay. You may need to restart the BES Client service as well, if just to speed things up. This can be useful if you want to try uninstalling/re-installing the relay via fixlets.

Basically the “client on the relay is not registering with a relay” issue is not a network issue. Now the fact that the relay is also not reporting in (if I am reading your first post correctly) would point to the fact that it’s the relay that is the issue.

Could be TLS 1.2 is not enabled on the relay (I have seen this cause very similar issues) so it can’t communicate with clients, other relays, or root. Could be something else wrong with the relay configuration. I would probably start by double checking that TLS 1.2 is enabled on the relay server. If it is, then I would try running the BES Remove Utility to completely remove the relay, restart the BES Client service, wait for the client to reconnect to another relay, then re-install the relay via fixlet.

1 Like

BES Removed using utility relay and client reinstalled
Verified and enabled 100% TLS 1.2 enabled

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
“DisabledByDefault”=dword:00000000
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
“DisabledByDefault”=dword:00000000
"Enabled"=dword:00000001

RegisterOnce: Relay does not support secure registration.
RegisterOnce: Current deployment ‘x-bes-minimum-supported-relay-level’ masthead setting does not allow clear text registration

Relay does not require authentication.
Failed automatic client authentication key exchange with server message: SSL protocol not supported.

In every case I’ve tracked on that issue, there has been a firewall / proxy blocking the traffic.

Generally the layer-4 firewall is configured to allow ‘http’ on tcp/52311, but also needs to allow ‘https’.

With the https getting blocked by firewall, the client/relay would normally fallback to using http instead, but that fallback to clear-text is not allowed since 'Secure Registration’s is turned on (and has been turned on by default for several years).

Talk with your firewall team and get https on 52311 enabled.

HI it’s reporting automatically ,first registered with other some location relay server and after it was changed to our primary relay server but to root cause show to management ??? Any Idea

Yes, there is likely a firewall or proxy blocking the TLS traffic from the client to the relay.

1 Like