Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: How to Test Agent Network Connectivity (Windows)

App Control: How to Test Agent Network Connectivity (Windows)

Environment

  • App Control Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions

Objective

To test network connectivity between an endpoint and the App Control Server.

Resolution

  1. Log in to the endpoint being tested and use a command prompt to issue the following commands:
    cd "C:\Program Files (x86)\Bit9\Parity Agent"
    dascli status
    
  2. In the returned output, locate: Server Information > Server and note the address.
    Example: appserver.domain.com:41002 means the Server Address is appserver.domain.com and port is 41002.
  3. Issue the following commands:
    netstat -ano | findstr "41002"
    nslookup <ServerAddress>
    ping <ServerAddress>
    tracert <ServerAddress>
    netsh winhttp show proxy
    (for XP/Server 2003 use: proxycfg)
  4. Use PowerShell to issue the following commands:
    Test-NetConnection -ComputerName <ServerAddress> -Port 41002 -InformationLevel "Detailed"
    Test-NetConnection -ComputerName <ServerAddress> -Port 443 -InformationLevel "Detailed"
  5. Confirm results are successful (See Additional Notes for further reference)

Additional Notes

  • The output of the PowerShell command should indicate that the name resolves to an IP and the TcpTest is "True"
    RemoteAddress            : 10.1.2.3
    TcpTestSucceeded         : True
  • If Remote address did not return the correct IP address then the DNS must be fixed
  • If the TcpTest is "False" then port 41002 is not accessible on the server
  • The output of netstat -ano | findstr "41002", should be 'ESTABLISHED' - This is necessary in order for comms to succeed between agent and server. If there is anything other than 'ESTABLISHED' (including No output), then this generally indicates some issue or other with Firewall or proxy settings, and will likely need the Infra/IT Team to help determine why Port 41002 connection was not 'ESTABLISHED', as this is not something the agent has control of, as it relies on the connection settings in order to make the 2 way communication.
  • If ICMP response is disabled in the environment, ping may not be successful
  • For more information on communication requirements see the documentation for the relevant version
  • Optionally if Telnet is available, you can check connectivity with:
    telnet AppCServerName 41002
  • For more information on telnet see: https://social.technet.microsoft.com/wiki/contents/articles/38433.windows-10-enabling-telnet-client....

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
67% helpful (2/3)
Article Information
Author:
Creation Date:
‎01-24-2019
Views:
7938
Contributors