Issue | Description and Resolution |
---|---|
General | |
No access to the management console
|
The management console URL is not a trusted site in Internet Explorer. Add the URL to the trusted sites. |
If the imssps daemon is running, the policy
service is working. Check the connection between the policy service and
scanner service and verify your LDAP settings.
|
|
To activate Email
Reputation, IMSS needs
to connect to Trend Micro.
This process requires an HTTP query with a valid DNS setting. Therefore,
if a DNS server is not available or has connection problems, activation
cannot occur.
To verify your DNS server settings:
The command
should return the IP address of your IMSS server.
If a proxy server is required to connect to the Internet, verify your proxy settings
to ensure
the HTTP request reaches http://licenseupdate.trendmicro.com.
To verify your proxy settings
from the management console:
|
|
Email notifications do not properly display. |
If your computer is running a non-English
operating system and the notification message was not written in
English, it may appear distorted. Modify the character set through
the management console.
To modify the character
set:
|
Cannot query message logs in IMSS. | IMSS scanner records the log with local time. To query message logs, synchronize the date/time on all computers with IMSS. |
IMSS does not receive email messages.
|
|
Services
are not running normally.
|
The database has not been started or the
database was started after the IMSS services
started. Restart all IMSS services.
|
After enabling Web Reputation, the scan time for messages increases significantly. |
Web Reputation needs to query the Trend Micro Web Reputation servers. Verify the HTTP
connectivity from the IMSS
scanner to the external network.
For Web Reputation issues, check the wrsagent.* files under the
{Installation_Path}\imss\log
folder.
|
End-User Quarantine Issues | |
Unable
to access the EUQ management console
|
Do the following:
The first instance of the EUQ service,
the primary EUQ service, runs Apache Web Server (httpd) while listening
on port 8447 (HTTPS).
This Web Server serves as a connection
point for the EUQ clients and for load balancing for all EUQ services.
If the Apache server is not up and running, users will not be able to
access the EUQ management console from the normal IP address:
https://{Primary
EUQ Service IP address}:8447/ |
Users are unable to log
on to EUQ management console
|
Do the following:
|
The EUQ digest does not correctly display quarantined message information. |
Verify that the correct character set is
selected:
|
Some quarantined messages are not appearing on the EUQ management console |
On the EUQ management console, users can
only access the quarantined messages if the administrator configures
EUQ to allow access.
To make quarantine areas visible
to end users:
After
enabling this option, all non-malicious messages (messages that
do not trigger antivirus rules, anti-phishing conditions, or Web
Reputation) quarantined in this area synchronize with the EUQ database.
This allows end users to view and manage the messages from the EUQ
management console.
End users cannot access malicious messages.
|
Cannot enable LDAP with Kerberos authentication. |
Kerberos protocol requires time synchronization
between the Kerberos server and IMSS.
Synchronize
the date/time for all computers with IMSS.
Check
whether the DNS server is configured correctly.
|
IP Filtering Issues | |
FoxProxy
cannot start up
|
There are several reasons why FoxProxy might
not start. To find out the reason, view the IP Profiler logs.
To
view IP Profiler logs:
|
Unable
to connect to FoxProxy
|
Verify that FoxProxy is running and that
it binds on port 25.
|
Unable
to view connections that FoxProxy is blocking
|
Every five (5) minutes, FoxProxy sends information
about blocked connections to the IMSS server.
Wait
for at least five minutes before viewing the connection information.
To
change this time value:
|
FoxDNS is not functioning. |
Verify that the BIND service is running:
|
No
IP Profiler log information exists
|
The following IP Profiler-related log files
are in the IMSS admin
database:
Verify that the log files
exist:
|
ERS does not work after being enabled from the management
console.
|
ERS may not work
due to the following reasons:
Activate SPS
and confirm that the computer with SPS installed can access the
Internet.
|
The
MTA settings on the SMTP Routing management
console screen are not being written into the Postfix configuration files
|
By default, the settings on the SMTP routing
screen will not be automatically applied to Postfix on each scanner.
To
apply the settings to all scanners:
After
a few minutes, the IMSS manager
process on each scanner synchronizes the settings to Postfix. To restart
the IMSS manager
immediately, use the command:
/opt/trend/imss/script/S99MANAGER restart
If
the process above does not work, check the local configuration file /opt/trend/imss/config/imss.ini to
verify the enable_postset_thd key is set to yes or
is blank.
|
IP profiler does not block IP addresses in the Blocked List. |
The changes require about one (1) minute
to take effect.
Wait one (1) minute before checking the list
again.
|
Blocked IP address does not display in the Overview page |
The Overview page displays the top 10 blocked
IP addresses by type for the last 24 uninterrupted hours. For example,
at 16:12 today the Overview page displays data from 16:00 yesterday
to 16:00 today.
View the Overview page
after an hour.
|