policy manager can not be accessed in fsecure 12.4 (administration module - a connection with the server cannot be established)

Aspirant

Re: policy manager can not be accessed in fsecure 12.4 (administration module - a connection with the server cannot be established)

doing https://<ip of server>:443. the output directs me to the login of the Outlook Web access ... as required while using https://<ip of server>:8085 comes up with a login for f-secure. after login

F-Secure Policy Manager Server

Wenn diese Meldung angezeigt wird, ist F-Secure Policy Manager Server installiert und funktioniert ordnungsgemäß. Sie können nun über die F-Secure Policy Manager-Konsole eine Verbindung herstellen.

Der Host-Schnittstellenstatus von F-Secure Policy Manager Server kann hier überprüft werden.

Berichte können mithilfe der F-Secure Policy Manager Web-Berichterstellung angezeigt werden.

Der öffentliche Schlüssel der F-Secure Policy Manager Server-Verwaltung, mit dem die Gültigkeit verteilter Richtlinien überprüft wird, kann hier heruntergeladen werden

 

which means Roughly translated ... it works ... ehrn clicking the report function it comes up with a report on the Web Reporting Port i defined with 8083 showing the status of all pcs connected and the aproximmate details

 

but still no polciy manger when trying to log in is keeps saying connection can not be established.

I deactivated the windows firewall but no changes, Interesting is that the corresponding msg window states "Cant connect to dc01.elora.intern:8080". Where he gets the 8080 from ?

 

As port 8080 always has been in use by other applications we definded the ports at installation as shown in the screenshot above and it worked for some time.

 

Aspirant

Re: policy manager can not be accessed in fsecure 12.4 (administration module - a connection with the server cannot be established)

Well it seems to be solved somehow... have to check if everything works.
In the polcymanager login I added a new host (modifed an exisiting) that reads https://localhost:8085

at least i get the policy manager window and it seems as if i am able to distribute rules.

But still 2017-11-06 17_09_58-192.168.1.100 - Remotedesktopverbindung.png

 

and the really funny thing about it is that it worked for sometime just with https://localhost

 

 

 

F-Secure

Re: policy manager can not be accessed in fsecure 12.4 (administration module - a connection with the server cannot be established)

Hello noknowhow,

Did you try my previous suggestion to set RestrictLocalhost to 0? You show screenshot where Status Monitor tries to connect PM via dc01…, while according to registry screenshot PM’s admin port listens on localhost interface only. Unfortunately I do not have your FSMS_STATUS_QUERY entries from request logs, so cannot say for sure if that is the exact reason.

Another question: why does Status Monitor connects to PM via dc01… but not localhost as should be by default. Did you change the Status Monitor’s configuration manually? As PMC now connects fine, if my assumption is right and you do not need to run PMC on remote hosts, it is enough to change computer name in the Status Monitor’s configuration to localhost. Even without touching RestrictLocalhost it should connect to all ports successfully.

As for port 8080: Policy Manager Consoles uses default admin port to connect PM even though connection string does not have it. So, if you change port to non-default at PMS, you have to change it in PMC’s connection URL as well. Everything works transparently with default ports, but agree, not that obvious if using non-defaults. I’ll talk with dev team and discuss if it possible to improve the logic…

Aspirant

Re: policy manager can not be accessed in fsecure 12.4 (administration module - a connection with the server cannot be established)

As i tried it from the server only .. localhost and dc01... where the same machine but i forgot that they do not use the same ip 127.0.0.1 is definetly not 192.168..... shame on me

of course you are right ... as i am on the server via rdp i do not need to administer anything on an other maschine.

So one thing remains ... some previous version has worked with https://localhost while it has to read https://localhost:8085. Im pretty sure about it as i initialy made the setup with the modified ports. Maybe the Hosts File or a meanwhile changed switch had some information that translated the ip.

Anyhow i guess i'll never  find out about that part.

 

Thank you for your help and consider this case as solved