Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5891
Views
25
Helpful
7
Replies

AMP Status Disconnected

itguy1024
Level 1
Level 1

‎06-22-2021 05:32 AM - edited ‎06-22-2021 06:26 AM

Greetings!

I'm having issues with one server in particular where AMP is disconnected and states it can't connect to the internet.
In the SFC.exe.log file I can see these errors, assuming this is the problem. I have monitored the traffic leaving the server and I'm not seeing any blocks or denies.

 

ERROR: [AMPKIT-WIN][http_client.c@1051]: async request failed (Couldn't connect to server) to https://enrolment.amp.cisco.com/domains

ERROR: [AMPKIT-WIN][http_client.c@1011]: GET request https://enrolment.amp.cisco.com/domains failed (7): Couldn't connect to server (Failed to connect to enrolment.amp.cisco.com port 443: Timed out)

ERROR: [AMPKIT-WIN][http_client.c@1051]: async request failed (Couldn't connect to server) to https://mgmt.amp.cisco.com/health/

 

Version: 7.3.13.20165

2 people had this problem
Labels:
7 Replies 7

itguy1024
Level 1
Level 1

‎06-29-2021 05:53 AM

Any thoughts?

Troja007
Cisco Employee
Cisco Employee

‎06-30-2021 09:53 AM

Hello @itguy1024,
just to figure out if there is a local defect with with policy file, you can do the following.

  1. Download the policy.xml file from a policy
  2. Stop the connector service and replace the file in the installation directory of the connector
  3. Start the Secure Endpoint service

Greetings,
Thorsten

0 Helpful

itguy1024
Level 1
Level 1
In response to Troja007

‎06-30-2021 10:15 AM

@Troja007thanks for the suggestions. I tried that but unfortunately it did not help.

0 Helpful

Chekol Retta
Level 1
Level 1
In response to itguy1024

‎01-21-2022 08:44 AM

Hi itguy1024

Have you found any solution for the issue. I am experiencing the same issue. 

 

Thanks 

jmarcel2
Level 1
Level 1
In response to Chekol Retta

‎01-21-2022 08:55 AM

Only thing that helped us with this problem was to upgrade connectors to 7.5.1, all olders version still have problems. After upgrade to 7.5.1 we havent noticed any disconnected service on those machines, other servers with olders versions are still hit by disconnect problem

 

BR

Marcel

mallaith
Level 1
Level 1

‎01-23-2022 11:10 PM

Hi, 

Make sure AMP is not opened by another user on the same server. If there is more than one user session 

Stop AMP Service

End AMP process run by the other user.

Start AMP service again.

 

 

This worked with me on some Windows servers.

 

Troja007
Cisco Employee
Cisco Employee

‎01-24-2022 12:02 AM

Hello @itguy1024,
two things I just wanted to mention, as there is no info that the issue is solve.

  • What is the output of the connectivity tool? any Errors shown there?
  • There might be an issue if a specific RootCA is missing.

Greetings, Thorsten

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents