This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error s107m858: An existing connection was forcibly closed by the remote host

khanij23
By
Level 2

Greetings all,

 

The FlexeNet agent failed to contact the server (Beacons) to read the policy; however, when we enforced the agent to read the policy manually by running the command: C:\Program Files (x86)\ManageSoft\Policy Client\mgspolicy.exe -t machine from the Clint side, we get the following error: "Error s107m858: An existing connection was forcibly closed by the remote host."

 

Note: The Flexera agent is installed on computers that run on different versions of Windows Server (2012 and above), and we are getting the same error from all of them.

 

Furthermore, we installed the FlexeNet agent on all of the origination computers, and the majority of the machines appear successfully under FNMS.

 

Any ideas that might help solve the problem?

‎Jun 06, 2023 02:53 AM

(4) Replies

dhoagland1
By Level 5 Flexeran
Level 5 Flexeran

This is caused by the connection being refused on the Beacon side. A few common scenarios:

  • SSL\TLS enforcement (if you notice newer it works on Windows 2019+ but not on older versions, enforcing strong encryption via TLS is the likely culprit)
  • Proxy servers not allowing the connection
  • Network is dropping packets so the SSL handshake doesn't complete

The first 2 are the most common scenarios I've seen.

‎Jun 08, 2023 03:50 PM

khanij23
By
Level 2
In response to dhoagland1

Unfortunately, not yet.

 

We checked the TLS settings on both groups of machines that display on FNMS and those that do not, and they were identical.

 

However, we observe that the registry key. NET settings do not match. On the machines that are reporting inventory and appearing on the FNMS, they are as follows:  Computer \HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\"ComputerHKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv2.0.50727" type DWord, value "1", Name "SchUseStrongCrypto"

 "ComputerHKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv2.0.50727" type DWord, value "1",  Name " SchUseStrongCrypto”

 

However, “SchUseStrongCrypto” not been created on the machines that are not reporting or appearing on FNMS.

Again, I'm not sure if the change mentioned above might affect the Flexera agent's ability to connect to the beacon server in order to get the policy.
Please keep in mind that all organization workstations receive the policy from the Beacon server via the default connection HTTP:80 (although we ensure that both connections and ports (HTTP:80 and HTTPS:443) are open).

‎Jun 14, 2023 02:51 AM

0 Kudos

durgeshsingh
By
Level 10
In response to khanij23

Hi

Refer this article . Updating .NET Framework might help. Just compare with working & non working device.

https://appuals.com/how-to-fix-an-existing-connection-was-forcibly-closed-by-the-remote-host-error/

‎Jun 14, 2023 06:29 AM - edited ‎Jun 14, 2023 06:31 AM

dhoagland1
By Level 5 Flexeran
Level 5 Flexeran
In response to khanij23

As indicated by dugeshsingh, you will want to add that key. It is a Windows setting and not updated via the policy may be set via GPO.

‎Jun 14, 2023 09:18 AM

0 Kudos