Jump to content

Recommended Posts

Posted

Product activation failed.

The two days ago, I just installed a new server, ESMC 7.0.577, the client is EEA 7.1.2045. I tried to activate the product many times. But don't work all the time. I entered the license key directly in the Client and got the error code of ECP.20006.

On the ESMC, use Wireshark to find the red line below, always get the 404 Not Found error, the full content can be found in the attachment. Please help me to resolve this problem, thanks!

Screenshot_2019-06-13_12-44-48.thumb.png.f09d0cb9e4e0bf7814b203bd512a93f8.png

activation.zip

  • ESET Moderators
Posted

Hello @sdnian,

thank you for the packet capture, I will have it checked.

May I ask you you have any SSL inspection in place?

Regards, Peter
tracking key: P_EESW-3955

Posted
15 hours ago, Peter Randziak said:

Hello @sdnian,

thank you for the packet capture, I will have it checked.

May I ask you you have any SSL inspection in place?

Regards, Peter
tracking key: P_EESW-3955

I think it might be related to Firewall - Sophos XG115w. But I can't confirm if there is SSL inspection so far.

  • ESET Staff
Posted (edited)
15 hours ago, sdnian said:

I think it might be related to Firewall - Sophos XG115w. But I can't confirm if there is SSL inspection so far.

Certificate that is considered by ESET products as untrusted, i.e. injected into communication has following identifiers inside:

IP Address=fe80:0000:0000:0000:...:2a5a
IP Address=192.....204
DNS Name=localhost
DNS Name=G....net.local

which might help you identify source.

Otherwise certificate contains no other details, it actually like like default certificate that is generated for ESMC Webconsole, but it makes no sense to be injected into communication. Could you verify this certificate is used by your ESMC console for Apache Tomcat connections (I have made some redaction of data present in certificate)?

Also as you mentioned, MAC addresses from communication with ESET licensing server (IP=13.91.57.145) indicates that next device is Sophos, but it does not mean it is source of this injected certificate.

Edited by MartinK
Redation of hostnames & IP addresses
Posted

Thanks for @MartinK and @Peter Randziak help.

I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...