Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error s107m858: An existing connection was forcibly closed by the remote host

Greetings all,


The FlexeNet agent failed to contact the server (Beacons) to read the policy; however, when we enforced the agent to read the policy manually by running the command: C:\Program Files (x86)\ManageSoft\Policy Client\mgspolicy.exe -t machine from the Clint side, we get the following error: "Error s107m858: An existing connection was forcibly closed by the remote host."


Note: The Flexera agent is installed on computers that run on different versions of Windows Server (2012 and above), and we are getting the same error from all of them.


Furthermore, we installed the FlexeNet agent on all of the origination computers, and the majority of the machines appear successfully under FNMS.


Any ideas that might help solve the problem?

(4) Replies

This is caused by the connection being refused on the Beacon side. A few common scenarios:

  • SSL\TLS enforcement (if you notice newer it works on Windows 2019+ but not on older versions, enforcing strong encryption via TLS is the likely culprit)
  • Proxy servers not allowing the connection
  • Network is dropping packets so the SSL handshake doesn't complete

The first 2 are the most common scenarios I've seen.

Unfortunately, not yet.


We checked the TLS settings on both groups of machines that display on FNMS and those that do not, and they were identical.


However, we observe that the registry key. NET settings do not match. On the machines that are reporting inventory and appearing on the FNMS, they are as follows:  Computer \HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\"ComputerHKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv2.0.50727" type DWord, value "1", Name "SchUseStrongCrypto"

 "ComputerHKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv2.0.50727" type DWord, value "1",  Name " SchUseStrongCrypto”


However, “SchUseStrongCrypto” not been created on the machines that are not reporting or appearing on FNMS.

Again, I'm not sure if the change mentioned above might affect the Flexera agent's ability to connect to the beacon server in order to get the policy.
Please keep in mind that all organization workstations receive the policy from the Beacon server via the default connection HTTP:80 (although we ensure that both connections and ports (HTTP:80 and HTTPS:443) are open).


Refer this article . Updating .NET Framework might help. Just compare with working & non working device.

As indicated by dugeshsingh, you will want to add that key. It is a Windows setting and not updated via the policy may be set via GPO.