Forum Discussion

tanves
Copper Contributor
Dec 04, 2019

Error Communication WebClient

We are deploying Azure ATP Sensor on a DC and are getting the following error:

 

2019-12-04 15:06:10.3678 Error CommunicationWebClient+<SendWithRetryAsync>d__8`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace

 

We are using a proxy to connect to the Internet. As a troubleshooting step, we have had the IP address of the DC whitelisted on our proxy to allow connections through to the Internet. The error still continues.

 

On the ATP portal, we see the Service Status changing from "Starting" to "Stopped" status as the service keeps on retrying to connect. However, the Health status shows as "Syncing". I have attached a screenshot as well showing the status. Ignore the ones that are masked out in BLACK, the one that is causing us issues is the one masked out in YELLOW.

 

Has anyone come across this issue yet, and is there a known fix for it?

  • Both SamName and full UPN formats should work. Set the dc domain of the account. This is if all domains have full 2 way trust.
  • tanves 

    This error means there is still a networking issue which blocks the sensor from contacting the AATP Azure backend via HTTPS/443.

    Although whitelisted, it might still be blocked in the proxy or somewhere else.

    Note: If you install the sensor in silent mode, you have an option to install it with proxy support, including a proxy that requires an authentication, so instead of trying to bypass the proxy, maybe try to work with it...

      https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-silent-installation#proxy-authentication

    • tanves
      Copper Contributor

      EliOfek 

      Thanks for the quick turnaround! Very much appreciated!

       

      We did start off with setting the proxy authentication and attempting connection via that route by using the silent mode install method. Gradually we then started troubleshooting and reached a point where we had to whitelist the server IP on the proxy without any success.

       

      We are going to check our perimeter firewall to validate if any traffic is being dropped there.

       

      In the meanwhile, does anyone know if there are any specific ports that need to be opened up for traffic related to ATP sensor communication?

      • EliOfek
        Microsoft

        tanves 

        Just 443, both to Azure, and to localhost.

        (The sensor service is communicating with the updater service via localhost 443 as well).
