Product Errors **Featured Article**
- Article Number: 000016252
- Products: Advanced Malware Detection, Forcepoint CASB, Forcepoint DLP, Forcepoint Email Security, Forcepoint Security Appliance Manager, Forcepoint URL Filtering, Forcepoint V10000 Appliance, Forcepoint V5000 Appliance, Forcepoint Virtual Appliance, Forcepoint Web Security, Forcepoint Web Security Cloud, Forcepoint Web Security Endpoint, Forcepoint Web Security Endpoint Cloud, Next Generation Firewall (NGFW), TRITON AP-WEB
- Version: All versions, 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 6.3, 6.2, 6.1, 6.0, 5.10
- Last Published Date: September 08, 2020
Notes & Warnings
Important The KB Articles provided may require you to login to https://support.forcepoint.com to view. If you do not have an account, please Create a Customer Account. If you have an account but cannot log in, Contact Support for assistance. |
Resolution
The errors included in this article are separated into the major sections. Some errors that are specific to existing featured articles will not be in this article. For more information, visit our Feature Article homepage. Connection Errors Certificate Errors Installation and Upgrade Errors Connection ErrorsWhile many connection errors are related to environmental issues in the Network, such as Ports and Firewall blocking, others may be due to configuration.For a list of ports that need to be opened for communication in the deployment:
CASBAPI token test connection fails in Office 365 with error "Data classification test failed"This error happens after configuring the token for the API. Cloud“Cannot Connect - The requested URL is not available" error displayed when browsing to a websiteThis error happens when going through the Cloud proxy, but not when bypassing the Cloud proxy. Directory Synchronization error: LDAP connection failed This error is specific to Directory Sync Client used with Cloud. WebForcepoint Security ManagerError: "Strong(er) authentication required" - Unable to connect to AD Server This is primarily a Web error, but can also happen in Email deployments. “Forcepoint Security Manager could not connect to Cloud App agent" error displayed in Alert tab This error only applies to version 8.4. Content Gateway "Unable to connect to the configured proxy server" error in Appliance Manager This issue only applies to versions 7.6-8.2. Websense Content Gateway error: "Tunnel connection failed" For use when a website or application does not load, and the error in error.log is: Tunnel Connection Failed WCG error log shows clients attempting to connect to port 80 on the external firewall This error does not produce issues for the environment but may be seen in the error.log. WCG error.log shows multiple failed connections for sites never visited This issue may be due to legitimate or malicious traffic. WCG Error: A client exceeded the 100 per second connection rate limit This issue may cause latency for all users. Error message: "FTP Error Connection Reset by Peer" The solution for this may also correct other problems if Network Agent is used with a Content Gateway. Certificate ErrorsMany certificate errors can be corrected by updating the certificate in use in the environment, particularly for expired or SHA-1 certificates. In other cases, the issue is specific to the TLS version supported in the environment versus what is expected by the website.CloudPublic Wi-Fi logon page blocked with certificate errorCaused by internal certificates for the logon pages rather than public certificates, corrected via bypass. "Stronger security is required" message This error is specific to Internet Browser TLS versions. WebHow to create and install a new server certificate in the TRITON EIP infrastructureThis addresses how to resolve the certificate error warning when browsing to the Forcepoint Security Manager GUI. Subordinate Certificate Authority import creates error "Cannot load the private key" Error happening when Importing a SubCA root certificate for SSL Decryption rather than using the self-signed certificate generated from the Content Gateway. Remove the "Revocation information for the security certificate for this site is not available." error message In Internet Explorer This addresses a popup warning that happens only in Internet Explorer for security certificate revocation. Peer disconnected after first handshake message: Possibly SSL/TLS Protocol level is too low or unsupported on the server Some websites only connect over specific TLS versions, and having TLS versions disabled in the Content Gateway may produce this error. Email: Generating and importing a CA signed certificate How to generate csr and install certificate using openssl TLS support in Forcepoint solutions TLS version support information for Forcepoint products Email Security installation fails when TLS 1.2 is enabled How to enablle TLS 1.2 for versions prior to 8.5.4 Installation and Upgrade ErrorsThere are many failures that may happen during installation or upgrade. Some of the more common causes particularly for components on Windows machines are from Data Execution Prevent (DEP), User Account Control (UAC), and Windows Firewall.Ensure DEP/UAC/Firewall are turned off
Other common factors include: Antivirus solutions installed on the machine, read-write permissions on the account used to log onto the server, and not running programs as Administrator. Advanced Malware Detection (AMD)Installation issues: amd_register ends in fatal error or installation stalls and does not completeFixes for installation issue during installation of Lastline virtual machine stalling, and On-Premises Manager error: “FATAL ERROR: An Unrecoverable error has occurred.” CloudEndpoint install error: "Installation missed some parameters, installation failed."This error is specific to Cloud Endpoint installation error on user machines. DataTRITON AP-DATA supplemental server install failure error 1406 could not write manager_pass to keyIssue created by having special characters in password. Installing Data Security on Windows 2012 R2 server causes "Installation ended prematurely because of an error" error Installation error due to Print Spooler service being disabled. Connectivity tests to ESG appliance and SQL server from Manager Subscription Key registration fails with HTTP error 403, download failure Appliance connectivity issues with download server to register subscription key Email Manager stuck on Processing and does not load Change of SQL server password causes Manager not to load Email Security Manager v8.5 installation fails with error 142 Specific to 8.5 installation or upgrade with SQL Enterprise versions 2014 and 2016. "Current versions found" error when trying to reinstall Email Log server Re-install of Log Server failing due to registry key entries for Log Server remaining after uninstall. TRITON AP-EMAIL Log Database Upgrade fails with error 154 This error is specific to when upgrading the Windows components to version 8.3.0. Appliance upgrade fails with Internal command error This error is specific to when upgrading an Appliance to version 8.3.0. Forcepoint Security Appliance ManagerForcepoint Security Appliance Manager (FSAM) Installation Error for Missing dllError Message: "Installation Error: "The program can't start because api-ms-win-crt-runtime-l1-1-0.dll is missing from your computer. Try reinstalling the program to fix this problem."" Next Generation Firewall (NGFW)“Engine error…The number of tunnels in the configuration is too large” error displayed during policy installError message: “Engine error: Engine error: Message code 208 Syntax error [ ipsecpmd ] The number of tunnels in the configuration is too large! (Future policy changes may fail to upload.)” Web"Non 7-zip Archive" error displayed when opening the TRITON InstallerThis installer error prevents installation of any product from Forcepoint Setup, not just Web. Error 1720 "Installation failed" occurs when installing Forcepoint components Error message: "Error 1720: Installation failed: This installation is forbidden by system policy. Contact your system administrator." Installation error 1460 when configuring Policy Server Most common cause is the Policy Broker IP having been changed and communication is broken. Changing the Policy Broker IP can also cause many other errors and is not suggested. "Installer user interface mode not supported" error displayed when installing on Redhat / Centos 7.4 For version 8.5 only when installing on a Linux software Content Gateway. Websense Install Fails With “Cannot Connect To SQL Server” Error Caused by connectivity or service account issues for the SQL server during installation. Forcepoint Websense Content Gateway installation error “Device eth0 does not exist” Error message: "Device “eth0” does not exist. Warning: Content Gateway requires interface eth0 to have an IP address. This interface should have a route to the TRITON manager." Log Server installation fails with error "Failed to generate the ODBC connection for the database" This error may happen if an ODBC connection already exists or attempted creation but did not have proper connection. "Service was not found" error for Log Server and doesn't install successfully Log server installation error which requires potential reinstall of the service. Error "Cannot connect to TRITON Settings database" during upgrade or install of 8.2.0 This error only happens if upgrading to or creating a fresh installation of the Windows components for 8.2.0. “Invalid IP address supplied” error on appliance upgraded to version 8.3.0 This error only happens when upgrading an Appliance to 8.3.0. keywords: error; install; fsm; email; cloud; data; sql; ngfw; web; register; ipaddress; network; policy; configure; interface |
Article Feedback
Want 24/7 Tech Support?
Learn more