Forum Discussion
Error Installing ATP sensor on DC
Hi, Installing on Windows server 2019 DC Worked on one DC and failed on the second one. It says its about proxy or SSL incpection but using the same network configuration for both DC..... Only...
Martin_Schvartzman
Microsoft
MicrosoftSanderCYBR
Thank you. It's now also documented here https://docs.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#applyinternal-failed-two-way-ssl-connection-to-service-error
We encounter the exact same issue and added the Reg-Keys. But only for .NETFramework\v4.0.30319 and not for .NETFramework\v2.0.50727.
It is still not working. Is required to also change for v2.0.50727?
Does changing these keys require a reboot?
It is still not working. Is required to also change for v2.0.50727?
Does changing these keys require a reboot?
- Martin_Schvartzman
No. It's not required for .NET v2.0. But you may be encountering a different issue.
Did you install the sensor with the proxyUrl switch, or are you using a transparent proxy? It (the proxy) might be doing SSL inspection and it's breaking the sensor's communication.
- We installed it with the proxyURL switch and it is doing SSL inspection.
I did not read anything in the documentation that SSL inspection is forbidded...- EliOfekhttps://docs.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#applyinternal-failed-two-way-ssl-connection-to-service-error
The sensor is doing mutual authentication, thus ssl inspection will fail it.
