Recently upgraded from McAfee FW for Linux (HIPS) to Endpoint Security Firewall 10.6.5. On the hourly agent to endpoint communication, I'm getting the following error (as seen in mfefirewall.log):
Oct 07 18:30:03 fcc1014 INFO msgbus  Received Timer event to read msgbus config file
Oct 07 18:30:03 fcc1014 INFO msgbus  msgbus connectvity status : Connected
Oct 07 18:30:03 fcc1014 ERROR msgbus  failed to even fallback approach for credentials, 512
Oct 07 18:30:03 fcc1014 ERROR msgbus  exchanged information are not matching, rejecting connection.
Oct 07 18:30:03 fcc1014 ERROR msgbus  Connection Failed
The effect is the firewall will not accept new options/rules via ePO.
Solved! Go to Solution.
Please upgrade to the ENS Linux Firewall 10.6.6 version that is releasing today.
TSDE-2298 Firewall blocks any in/out packets during policy enforcement. This release resolves the issue.
TSDE-2658 Firewall incorrectly updates policy during partial policy enforcement. This release resolves the issue.
I tried to install 10.6.6 FW on 6 hosts using the oasoff command line option, but it failed on all with the message:
Sent Run Now task "McAfee Agent > Product Deployment" to "mmc0701"
Run now task McAfee Agent > Product Deployment received.
Run now task started.
Run now task McAfee Agent > Product Deployment failed.
Details: Product "ENDP_FW_1060LYNX" installation failed, reason "Unknown error"..
If possible, please submit a Service Request to Support with Agent & ENSLFW MER files to review the install failure further. I'm wondering if the command line options being used may be the cause.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:
TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com