Agents on the Endpoints Cannot be Launched if the Automatic Configuration Script Setting on Internet Explorer Redirects to a Proxy Server
The Security Agent Plug-in Manager (CNTAosMgr.exe) is unable to launch agents on endpoints because the agent launch command redirects to a proxy server. This problem only occurs if the proxy setting redirects the user's HTTP traffic to 127.0.0.1.
To resolve this issue, use a well-defined proxy server policy. For example, do not reroute HTTP traffic to 127.0.0.1.
If you need to use the proxy configuration that controls the 127.0.0.1 HTTP requests, perform the following tasks.
- Configure Apex One firewall settings on the Apex One web console.
Note:
Perform this step only if you enable the Apex One firewall on Security Agents.
- On the web console, go to Agents > Firewall > Policies and click Edit Exception Template.
- On the Edit Exception Template screen, click Add.
- Use the following information:
Name: Your preferred name
Action: Allow network traffic
Direction: Inbound
Protocol: TCP
Port(s): Any port number between 5000 and 49151
- IP address(es): Select Single IP address and specify your proxy server's IP address (recommended) or select All IP addresses.
- Click Save.
- Back on the Edit Exception Template screen, click Save and Apply to Existing Policies.
- Go to Agents > Firewall > Profiles and click Assign Profile to
Agents.
If there is no firewall profile, create one by clicking Add. Use the following settings:
Name: Your preferred name
Description: Your preferred description
Policy: All Access Policy
After saving the new profile, click Assign Profile to Agents.
- Modify the ofcscan.ini file.
- Open the ofcscan.ini file in <Server installation folder> using a text editor.
- Search for [Global Setting] and
add FWPortNum=21212 to the next line. Change
"21212" to the port number you specified in step c above.
For example:
[Global Setting]
FWPortNum=5000
- Save the file.
- On the web console, go to Agents > Global Agent Settings and click Save.
