cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Randy_Bell1
Level 9
Report Inappropriate Content
Message 1 of 7
‎10-08-2019 08:52 AM

Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution

Recently upgraded from McAfee FW for Linux (HIPS) to Endpoint Security Firewall 10.6.5. On the hourly agent to endpoint communication, I'm getting the following error (as seen in mfefirewall.log):

Oct 07 18:30:03 fcc1014 INFO msgbus [12094] Received Timer event to read msgbus config file
Oct 07 18:30:03 fcc1014 INFO msgbus [12094] msgbus connectvity status : Connected
Oct 07 18:30:03 fcc1014 ERROR msgbus [12094] failed to even fallback approach for credentials, 512
Oct 07 18:30:03 fcc1014 ERROR msgbus [12094] exchanged information are not matching, rejecting connection.
Oct 07 18:30:03 fcc1014 ERROR msgbus [12094] Connection Failed

 

The effect is the firewall will not accept new options/rules via ePO.

Labels (3)
0 Kudos
Reply
1 Solution

Accepted Solutions
Randy_Bell1
Level 9
Report Inappropriate Content
Message 7 of 7
‎10-09-2019 08:44 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution
I ended up installing all the latest extensions, then upgraded Threat Prevention to 10.6.6 first, then was able to successfully upgrade FW to 10.6.6. So it appears that FW 10.6.6 is not compatible with Threat Prevention (and Platform) 10.6.5.

View solution in original post

0 Kudos
Reply
6 Replies
ktankink
Employee
Employee
Report Inappropriate Content
Message 2 of 7
‎10-08-2019 09:07 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution

Hi @Randy_Bell1 

 

Please upgrade to the ENS Linux Firewall 10.6.6 version that is releasing today.

https://docs.mcafee.com/bundle/endpoint-security-10.6.6-threat-prevention-release-notes-linux/page/G...

Firewall
Reference Resolution
TSDE-2298 Firewall blocks any in/out packets during policy enforcement. This release resolves the issue.
TSDE-2658 Firewall incorrectly updates policy during partial policy enforcement. This release resolves the issue.

 

0 Kudos
Reply
Randy_Bell1
Level 9
Report Inappropriate Content
Message 3 of 7
‎10-08-2019 10:25 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution

I tried to install 10.6.6 FW on 6 hosts using the oasoff command line option, but it failed on all with the message:

Sent Run Now task "McAfee Agent > Product Deployment" to "mmc0701"
Run now task McAfee Agent > Product Deployment received.
Run now task started.
Run now task McAfee Agent > Product Deployment failed.
Details: Product "ENDP_FW_1060LYNX" installation failed, reason "Unknown error"..
Task Completed

0 Kudos
Reply
Randy_Bell1
Level 9
Report Inappropriate Content
Message 4 of 7
‎10-08-2019 10:42 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution
Additional info: agent version is 5.6.1.157. The upgrade to 10.6.5 for Threat Prevention & Firewall was successful.
0 Kudos
Reply
ktankink
Employee
Employee
Report Inappropriate Content
Message 5 of 7
‎10-08-2019 10:46 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution

If possible, please submit a Service Request to Support with Agent  & ENSLFW MER files to review the install failure further.  I'm wondering if the command line options being used may be the cause.

0 Kudos
Reply
Randy_Bell1
Level 9
Report Inappropriate Content
Message 6 of 7
‎10-08-2019 11:20 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution
I tried both installing without the oasoff option and also pushing a policy out w/oas disabled, then installing, but again, both failed with "unknown error"
0 Kudos
Reply
Randy_Bell1
Level 9
Report Inappropriate Content
Message 7 of 7
‎10-09-2019 08:44 AM

Re: Endpoint Security Firewall (Linux) ERROR msgbus

Jump to solution
I ended up installing all the latest extensions, then upgraded Threat Prevention to 10.6.6 first, then was able to successfully upgrade FW to 10.6.6. So it appears that FW 10.6.6 is not compatible with Threat Prevention (and Platform) 10.6.5.
0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC