Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - LanGuard Section
  3. Articles

LanGuard Agent's Status Is Listed as 'Unable to Contact Server' in the Console

Overview

The GFI LanGuard console displays Unable to contact server in the Agent Status pane of the Overview tab.

Environment

  • GFI LanGuard
  • All supported environments

Root Cause

The Unable to contact server message appears in three situations, all of which revolve around program update failures:

  1. The agent fails to connect to the LanGuard server communications port (1070 by default).
  2. An agent fails to download program update files via the LanGuard Server or Relay Agent.
  3. The agent is able to download the update files successfully, but the import process fails to put the patch/vulnerability definitions into the patch/vulnerability databases (this will usually resolve itself during later updates).
The Resolution section below addresses the first of these situations. Note that the GFI LanGuard agent communicates to the LanGuard server's communication port at the following times:
  • Once daily between the hours of 10 AM and 5 PM, it requests program updates (new patch and vulnerability definitions and other program components).
  • When it begins a scan, it does a check of program updates.
  • When it begins a scan (after attempting a program updates session), it sends a Scan Notification 'Post' message directly to the LanGuard server.
  • When it finishes its scan it sends a Scan Notification 'Post' message directly to the LanGuard server.

When using relay agents, all requests for Program Updates go to the relay agent communication port. However, all Scan Notification Messages will go directly to the LanGuard server's communication port. You can see these communications in the LanGuard server or Relay Agent Debuglogs\HTTPD\Access.log.xxxxx files.

When these communications fail the agent will put a message in its Servers\<GUID> directory that the LanGuard server will pick up and display.

Resolution

There are two different resolutions depending on whether the agent is or is not using a relay.  See the appropriate section below based on your setup:

When the agent IS NOT using a relay:

  1. Ensure the communication server port is open on the GFI LanGuard server. This setting is specified under Agents Settings > General tab (port 1072 by default):

    • This can be tested by running the following command from the command line:
Netstat -ano | find ":<port>" (ex. netstat -ano | find ":1072")
    • Check that there are two httpd.exe processes listed in Task Manager and that the Command Line entry references the C:\Program Files (x86)\GFI directory.

      User-added image
  2. Ensure that the GFI LanGuard server's local firewall has an exclusion for the port.
  3. Ensure the agent can access the GFI LanGuard server's communication server port:
    • This can be tested from any agent machine by connecting to http://<LanguardServerIP>:port/files/update/index.txt  (e.g. http://192.168.1.200:1072/files/update/index.txt). This should return a page with a single number.
    • Alternately you can test by using the telnet command from the command prompt:
telnet <LanGuard_IP> <port>
ex. telnet 192.168.1.200 1072


NOTE: You may have to install the telnet client from Programs and Features or Add Remove Programs.

When the agent IS using a relay:

  1. Make sure the port used by the relay agent is open. This setting is specified in the console under <Relay Computer> Properties > Relays tab > Advanced Settings link.

    • This can be tested by running the following command from the command line:
netstat -ano | find ":<port>"
ex. netstat -ano | find ":1072"
  1. Check that there are two httpd.exe processes listed in Task Manager and that the Command Line entry references the C:\Program Files (x86)\GFI directory.
  2. Make sure that the relay agent's firewall (Windows firewall) has an exclusion for the port.
  3. Make sure the agent can access the relay agent's communication port:

    • This can be tested from any agent machine by connecting to http://<LanguardServerIP>:port/files/update/index.txt (e.g. http://192.168.1.200:1072/files/update/index.txt). This should return a page with a single number.
    • Alternately you can test by using the telnet command from the command prompt:
telnet <LanGuard_IP> <port>
ex. telnet 192.168.1.200 1072


NOTE: You may have to install the telnet client from Programs and Features or Add/Remove Programs.

Confirmation

Verify that the LanGuard console no longer displays an error message in the Agent status pane of the Overview tab.

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments