Troubleshooting communication problems with Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x
Question/Issue:
You use Symantec System Center and either Symantec Client Security 3.x or Symantec AntiVirus Corporate Edition 10.x. The communication between clients and servers does not work correctly. You may see one of the following symptoms: - Clients disappear from Symantec System Center - Clients cannot be configured from Symantec System Center - Clients do not receive automatic virus definition updates
Make sure that information in Symantec System Center is up to date
Run the Discovery Service to make sure that Symantec System Center has current information.
To update information in Symantec System Center
- Start Symantec System Center.
- Click Tools > Discovery Service.
- Make sure that the correct discovery method is selected:
- Load from cache only
This discovery method returns information that is cached in the local registry of Symantec System Center. This information includes any server groups that have already been discovered through other discovery methods. The location in the registry is:
HKEY_LOCAL_MACHINE\Software\Intel\Landesk\VirusProtect6\CurrentVersion\AddressCache
No network communications are initiated for this discovery method. - Local Discovery
A local discovery locates Symantec AntiVirus servers on the local area subnet. First, the load from cache discovery is run. Then a broadcast looks for listening Symantec AntiVirus servers on the local network over UDP port 38293 (PDS). When the server receives this broadcast, it sends an ARP request for the IP address of Symantec System Center. Once the Symantec AntiVirus server has this information, it responds to the request from Symantec System Center. Symantec System Center and Symantec AntiVirus server communicate over TCP port 2967. - Intense Discovery
An intense discovery locates Symantec AntiVirus servers across multiple subnets. First, a load from cache only discovery runs, followed by a local discovery. Each domain and workgroup that is accessible from My Network Places is enumerated. Then, your primary DNS server is queried for the IP address of every computer in each domain and workgroup. At this time, the communications that occur in a local discovery to contact Symantec AntiVirus servers take place. - IP Discovery
This option is on the Advanced tab. Before you use this option, consider the amount of network traffic that can occur. Every IP address in the range that you enter is queried for a Symantec AntiVirus server that listens on UDP port 38293.
If you select IP Subnet, you can enter a range only within one subnet. If you select IP Address, you can send a broadcast to multiple subnets.
- Load from cache only
- Click Clear Cache Now.
The cache is cleared and the selected discovery method is run. If you previously used the Importer tool, the clearing of the cache deletes all of the imported server information. To avoid having to import this information again, click Run Discovery Now instead of Clear Cache Now. - If your server group appears, but you continue to have communication problems, go to the “Make sure that Symantec System Center works correctly” section of this document.
- If your server group does not appear, click Tools > Find Computer.
- Click the Network Discovery tab.
- In the Server Address box, type the name or IP address of the primary server in the missing server group.
- Next to Address Type, select one of the following, depending on what you typed in step 8:
- Machine Name
- IP
- Click Find Now.
- If the Network Discovery finds the primary server but does not add it to Symantec System Center automatically, click Sync Item.
If the communication problems persist, continue with the “Make sure that Symantec System Center works correctly” section of this document.
Leave a Reply
You must be logged in to post a comment.