Search


  
  
How to perform connection checks for OfficeScan clients or Client/Server Security Agents
 

Solution ID:

 EN-1037975

Product:

 Client Server Messaging Security for SMB - 3.5, 3.6; OfficeScan - 10.0, 7.3, 8.0; Worry-Free Business Security Advanced - 5.0, 5.1, 6.0; Worry-Free Business Security Standard - 5.0, 5.1, 6.0
Operating System:
 Windows 2000 Datacenter Server; Windows 2000 Professional; Windows 2000 Server; Windows Server 2003 Datacenter Edition; Windows Server 2003 R2; Windows 2000 Advanced Server

Published:

 8/7/2009 12:19 AM 
 

Problem:

You can perform connection checks for the following:

Pattern and scan engine update issues

Clients appear offline or disconnected, or does not appear at all in the console

VPN connection check
 

This procedure applies to:

OfficeScan 7.3 / 8.0 / 10

Client Server Messaging Security for SMB (CSM) 3.5 / 3.6

Worry-Free Business Security (WFBS) Standard / Advanced 5.0 / 5.1 / 6.0

 

Solution:
Public
 

To investigate communication issues between the server and the client, please do the following connection checks:

Notes:

Use the same server and client for all the checks.

Make sure to take screenshots of all the results you get.
   

1.

From the OfficeScan server / Security Server, ping the IP address of the client having the issue.
   

2.

On the OfficeScan client / Client Security Agent, open the Registry Editor (regedit.exe).
 

Important: Always create a backup before modifying the registry.  Incorrect registry changes may cause serious issues.  Should this occur, restore it by referring to the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.
   

3.

Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion hive and take note of the value for the registry key "LocalServerPort". This is the client port. Use the decimal value.
   

4.

Go back to the OfficeScan server / Security Server, then open a command prompt and run this command:

   
 

    telnet<space><client IP address><space><value of the client port>
   

5.

Open Internet Explorer, then type the following in the address bar: "http://<client's IP address>:<value of the client's port>/?CAVIT"
 

Example: "http://123.456.789:8080/?CAVIT"
   
 

If you get a result like "!CRYPT!...", it means that the port is open on the client and the connection from server to client should work. Otherwise, there is a problem with the connection.
   

6.

On the OfficeScan client / Client Server Security Agent, open the Registry Editor (regedit.exe).
 

Important: Always create a backup before modifying the registry.  Incorrect registry changes may cause serious issues.  Should this occur, restore it by referring to the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

7.

Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion hive and take note of the values for the following registry keys:
   
 

"Server" - This is the server name of the client.
 

"ServerPort" - This is the server port number of the OfficeScan server / Security Server. Use the decimal value.
   
8. If you are using WFBS 6.0 or OfficeScan 10, do steps a-d. Otherwise, go to Step 9. 
Note: Steps 8a-8d are only necessary for issues with the Smart Scan feature, which is only available in WFBS 6.0 and OfficeScan 10 .

a. Go to the HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\iCRC\Scan Server hive.

b. Take note of the value for the following registry key: 

        • "LocalScanServerUrl" - This is the server name of the client. 
           
c. To verify if the Smart Scan server is available, open Internet Explorer, then type the following URL in the address bar: 

          https://10.10.12.<server>:<port>/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104 

Example: https://10.10.12.171:4345/tmcss/?LCRC=08000000AC41080092000080C4F01936B21D9104

    Note: Make sure to use the port you find in your registry:

        • For WFBS 6.0, the port normally found in the registry is 8082. 

        • For OfficeScan 10, the port is usually 4345.

        • For OfficeScan 10 using Apache, the port is normally 4343.

d. Go to Step 10.  

9.

From the client, ping the server name of the OfficeScan server / Security Server.
   
 

    telnet<space><server name><space><value of the server port>
   
 

Note: For the server name, make sure to use the full name you find in the registry key "Server".

   

10.

Open Internet Explorer, then type the following URL in the address bar:
   
 

For OfficeScan: "http://<server name>:<value of the server port>/officescan/cgi/cgionstart.exe"

     
 

For CSM / WFBS: "http://<server name>:<value of the server port>/SMB/cgi/cgionstart.exe"
   
 

If the next screen shows "-2", this means the client can communicate with the server. Otherwise, there is a problem with the connection.

   

11.

Please send the screenshots of the results to Trend Micro Technical Support for further analysis.
Note: For WFBS 6.0 and OfficeScan 10, also send the file you obtained in Step 7c.

  
Rate this Solution
Did this article help you?
   Yes       No
Comments:
This form uses an automated system and does not provide feedback.