Troubleshooting - Security update connectivity

Verify the connectivity between the relay server and its Active Update source or proxy server.

  1. To verify that both a route exists and that the relay port number is open, enter the command:

    telnet [relay IP] [port number]

    If the telnet fails, verify that a route exists and that firewall policies (if any) allow the traffic by pinging or using traceroute. Also verify that the port number is open, and doesn't have a port conflict.

  2. To verify that the DNS server can resolve the domain name of the relay, enter the command:

    nslookup [relay domain name]

    If the test fails, verify that the agent is using the correct DNS proxy or server (internal domain names can't be resolved by a public DNS server such as Google or your ISP).

    If you are using Deep Security as a Service, you might not be using your own relays; instead, you will be using the relays that are built into the service: relay.deepsecurity.trendmicro.com.

  3. If you use a proxy server, on Deep Security, confirm that the proxy settings are correct.
  4. To determine if your Deep Security settings are blocking connectivity, unassign the current policy.