sdnian 6 Posted June 13, 2019 Share Posted June 13, 2019 Product activation failed. The two days ago, I just installed a new server, ESMC 7.0.577, the client is EEA 7.1.2045. I tried to activate the product many times. But don't work all the time. I entered the license key directly in the Client and got the error code of ECP.20006. On the ESMC, use Wireshark to find the red line below, always get the 404 Not Found error, the full content can be found in the attachment. Please help me to resolve this problem, thanks! activation.zip Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,130 Posted June 13, 2019 ESET Moderators Share Posted June 13, 2019 Hello @sdnian, thank you for the packet capture, I will have it checked. May I ask you you have any SSL inspection in place? Regards, Petertracking key: P_EESW-3955 Link to comment Share on other sites More sharing options...
sdnian 6 Posted June 14, 2019 Author Share Posted June 14, 2019 15 hours ago, Peter Randziak said: Hello @sdnian, thank you for the packet capture, I will have it checked. May I ask you you have any SSL inspection in place? Regards, Petertracking key: P_EESW-3955 I think it might be related to Firewall - Sophos XG115w. But I can't confirm if there is SSL inspection so far. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted June 14, 2019 ESET Staff Share Posted June 14, 2019 (edited) 15 hours ago, sdnian said: I think it might be related to Firewall - Sophos XG115w. But I can't confirm if there is SSL inspection so far. Certificate that is considered by ESET products as untrusted, i.e. injected into communication has following identifiers inside: IP Address=fe80:0000:0000:0000:...:2a5a IP Address=192.....204 DNS Name=localhost DNS Name=G....net.local which might help you identify source. Otherwise certificate contains no other details, it actually like like default certificate that is generated for ESMC Webconsole, but it makes no sense to be injected into communication. Could you verify this certificate is used by your ESMC console for Apache Tomcat connections (I have made some redaction of data present in certificate)? Also as you mentioned, MAC addresses from communication with ESET licensing server (IP=13.91.57.145) indicates that next device is Sophos, but it does not mean it is source of this injected certificate. Edited June 14, 2019 by MartinK Redation of hostnames & IP addresses Peter Randziak 1 Link to comment Share on other sites More sharing options...
sdnian 6 Posted June 17, 2019 Author Share Posted June 17, 2019 Thanks for @MartinK and @Peter Randziak help. I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well. Peter Randziak 1 Link to comment Share on other sites More sharing options...
Recommended Posts