Connectivity issues

You can utilize the following steps while investigating connectivity for an offline agent/client, or external Safetica servers.

In this article, you will learn more about:

• Endpoint and server connectivity issues
• Definition update, server update connectivity issues
• Advanced network logs
• Testing connectivity on MacOS machine

Endpoint and server connectivity issues:

Check the connectivity between the endpoint and Safetica Server using the PowerShell:

1. Open the key below to see what your connecting string to the Safetica Server is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\STAgent\Parameters
   
2. In the PowerShell, test the connectivity to the listed servers, for example:
   

   Test-NetConnection -ComputerName WIN-F1GAHJT038S -Port 4438

3. Output example:
   
4. If you can see the “TcpTestSucceeded” as True, there is a connection. If it is False, you should check the firewall, proxy, or other network appliances to see why it is not accessible.

Definition update, server update connectivity issues:

Below you can see external URLs used by Safetica Server to ensure its functionality.

Product updates/license check:

• https://getupdate.safetica.com (Azure)
• https://update.safetica.com/ (Amazon)

Definitions updates:

• https://definitions.safetica.com/

• https://cloudapi.safetica.com

Telemetry:

• http://link.safetica.com/Telemetry/
  
  

You can check again by using PowerShell from your Safetica Server:

Advanced network logs:

If the analysis requires this level of network logs to be collected, this is how you proceed.

1. Open STSupportToolSfx.exe:
   1. Endpoint: “C:\Program Files\Safetica\Tools”
   2. Server: “C:\Program Files\Safetica Management Service\Tools”
2. Click on the [Create application issues report]
3. Tick the [Network monitoring logs] checkbox and click on [Run]
4. Safetica is now collecting the data. Go and reproduce the issue. Once done, click on [Reproduced] and for the [Report] button to unlock. Then click it.
5. Describe the problem and click on [Next]
6. Finish the wizard and collect the .sfx output

Wireshark logs:

1. Download the Wireshark on the affected endpoint/server
2. Run it and choose the network adapter where the outgoing traffic flows
   
3. Wait for some time to capture the issue and stop the network recording by clicking on the red button: 
   
4. Click on [File] -> [Save] to export the trace into a file
5. Upload the logs from the Safetica Support tool and Wireshark trace log to upload.safetica.com with a description of the issue and the approximate time and date of the occurrence.

MAC OS check connectivity between server and the endpoint:

How to check which server IP/hostname is used for connecting the endpoint

1. Open terminal
2. Type - udo /Library/Application\ Support/Safetica/Tools/setup ShowServerIp

How to test connection between mac endpoint and Safetica server

1. Open Terminal
2. Type: - nc -zv “server ip” 4438
3. Example:
   nc -zv 192.168.2.10 4438
4. Check whether there is connectivity.