Failed to connect to ePO:port, network error was 10061 (unable to replicate to an ePolicy Orchestrator SuperAgent Repository)
Technical Articles ID:   KB58747
Last Modified:  3/15/2019
Rated:


Environment

McAfee Agent (MA) 5.x
McAfee ePolicy Orchestrator (ePO) 5.x

Problem

You are unable to replicate to an ePO SuperAgent Repository.

You see the following error:
 
Failed to connect to <ePO server name>:<agent wake-up communication port>, network error was 10061

Cause

This issue occurs when the SuperAgent is on a different subnet than the ePO server and the SuperAgent computer get its IP address using Network Address Translation (NAT).

ePO is not resolving the IP address of the SuperAgent. Instead, it uses the IP address given by MA during installation.

MA binds to the first IP address that it is given during system startup and sends this IP address to ePO. The address given during system startup is not the NAT address; so, ePO can never connect to the SuperAgent.

Solution

Configure the SuperAgent Repository to be a normal Distributed Repository. A Distributed Repository can be configured using a UNC or HTTP path (resolved by DNS when performing a replication).

To create a Distributed Repository:
  1. Log on to the ePO console.
  2. Click Menu, Software, Distributed Repositories.
  3. Click New Repository.
  4. Type a name in the Name field for the Distributed Repository.
  5. Select the appropriate protocol (HTTP or UNC) in the Type field and click Next.
  6. Type the appropriate path information for the HTTP or UNC site and click Next:
    • For HTTP sites, leave DNS Name selected, type the URL address information in the URL field, and enter the port number in the Port field.
    • For UNC folders, type the valid UNC path. For example: \\<FileServerName>\<ePOShare> where <FileServerName> is the DNS system name and ePOShare is the name of the UNC shared folder you created.
       
  7. In the Download credentials (agent to repository) section, type the appropriate authentication credential information as required for systems that update from the repository.
    NOTE: The options available on the Download credentials page vary depending on which type of repository you are creating. Read-only permissions are sufficient.
     
  8. Click Test Credentials to test the download credentials. After a few seconds, you see a confirmation dialog.
    NOTE: If your site is not verified, confirm that you typed the URL or path correctly on the previous panel of the wizard, and that you correctly configured the HTTP or UNC site on the host.
     
  9. In the Replication credentials (server to repository) section, type the domain, user name, and password in the appropriate text boxes.
    NOTE: The ePO server uses these credentials when it replicates DAT files, engine files, or other product updates from the Master Repository to the Distributed Repository. These credentials must have both read and write permissions in the domain of the Distributed Repository.
     
  10. Click Test Credentials to test the replication credentials. After a few seconds, you see a confirmation dialog.
    NOTE: If your site is not verified, confirm that you typed the URL or path correctly on the previous panel of the wizard, and that you correctly configured the HTTP or UNC site on the host.
     
  11. Click Next.
  12. Select whether to include All packages or Selected packages during a replication to this Distributed Repository, and then click Next.
  13. Review and verify the Summary information for the Distributed Repository, and then click Save.

Previous Document ID

KB47751

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.