Installation error 1460 when configuring Policy Server
- Article Number: 000001584
- Products: Forcepoint URL Filtering, Forcepoint Web Security, TRITON AP-WEB, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 7.5, 7.1, 7.0
- Last Published Date: September 15, 2020
Problem Description
When running the install and getting to the portion of configuring Policy Server, the follow error shows:
“Could not connect to Policy server code: 1460" |
Resolution
Many of installation errors seen are due to communication issues between components:
Note Alternatively, press Start+Pause.
2. Verify you have network connectivity with the Policy Broker and Policy Server port using telnet. Also, check ports 40000 (Wiffle Port) and 55825 (Used for Policy Server Communication Installation), and 55806 (Policy Server Port). If unsure how to verify port connectivity, please contact your Network Administrator for assistance.
Additional ports:
3. If NAT is being used in the environment, check for correct IPs and ports being used and which are open on the firewall.
If you receive "Could not start Policy Server: code 1460" and have determined that there are no communication issues with Policy Broker, check the following with your Network Administrator: 1. The IP of the Broker was changed after it was installed. 2. The Broker has multiple NICs, and the IP you are entering for the Broker when installing Policy Server is for the wrong NIC. 3. There is a NAT translation between the Broker and Policy Server Note The config.xml Token contains password and IP info. You can search for the token in the config.xml which is located in the \websense\web security\bin directory Example: <container name="BrokerService">
<container name="Config"> <data name="Country">US</data> <data name="Host">x.x.x.x</data> <data name="Language">en</data> <data name="Port">55880</data> <data name="RetryTime">10</data> <data name="Service">F1D8B0F7D4893A8974A2BC896ECA939097611D5B530EF639</data> <data name="Token">939A84C........1AD452DE2B7798A71CF17E</data> <data name="WaitTime">180</data> </container> </container> The best solution is reinstall the Policy Broker service after any IP change. This is due to the dependencies of Policy Servers and Filtering Service only equipment in the network which rely on the IP of the Policy Broker. Once reinstalled, the Policy Broker IP can be updated on any additional policy servers and/or filtering service servers in the environment. Important In the case of an IP change on an appliance, a reimage is required. For instructions, review How to restore a V-Series appliance to a factory image. Important In some cases for Windows, all of the Forcepoint Web services on a Windows server may need to be reinstalled. This will be necessary if reinstalling Policy Broker alone and re-associating does not resolve the issue. If Policy Broker is on a Windows server or Appliance, make a backup of your policies before making changes. Follow the steps on Backup and restore the Policy Database Reinstalling Policy Broker on a Windows server:
Re-Associate Policy Servers to new Policy Broker
Windows server:
Otherwise, you will have to manually recreate your policies in Forcepoint Security Manager. Version 8.3 to 8.5 Appliance using CLI This takes approximately 20-30 minutes to complete.
This takes approximately 20-30 minutes to complete.
Keywords: policy server issue; Policy server installation; uac; dep; firewall; antivirus; 1460; could not connect to policy server; policy broker IP changed; 55880; 6432; 7432; token; reimage; appliance mode; appliance reimage; change appliance mode; set mode |
Article Feedback
Want 24/7 Tech Support?
Learn more