locked
CMG errors RRS feed

  • Question

  • I setup a CMG, got my cert, provisioned, dns, etc. Everything seems to be fine except my clients aren't using the CMG. They have the correct client settings, changes to internet when disconnected from the VPN but they don't seem to be getting policy changes or deployments without the VPN. Checked every log I could think of and find with my initial search to try and troubleshoot.

    When I run the connection analyzer I get 2 errors. 

    first is: Failed to test the CMG channel. Check SmsAdminUI.log for more details.Failed to test the CMG channel. Check SmsAdminUI.log for more details.

    the second is: 

    Failed to test the CMG channel. Check SmsAdminUI.log for more details.

    I'm really at a loss as to what this could be. I can stop and start the service from the console as well.


    Sunday, May 10, 2020 3:49 AM

All replies

  • Found some suspect errors in the locationservices.log:

    Sunday, May 10, 2020 3:01 PM
  • Verify the port from client to CMG Public IP

    Also use CMG Connection Analyzer to troubleshoot further
    https://www.anoopcnair.com/sccm-cmg-troubleshooting/
    Monday, May 11, 2020 7:18 AM
  • Hi,


    The CMG connection point connects to the CMG in Azure over TCP-TLS or HTTPS. It holds the connection open, and builds the channel for future two-way communication. 
    So first we need to ensure that all required network ports and protocols have been configured correctly. See:
    the required network ports and protocols

    If your organization restricts network communication with the internet using a firewall or proxy device, you need to allow CMG connection point and service connection point to access internet endpoints. For more information, see:
    Internet access requirements



    Best Regards,
    Larry

    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 11, 2020 9:22 AM
  • Hi,


    How are things going? I just checked in to see if there are any updates. Please feel free to feedback and if the above reply is helpful, please kindly click “Mark as answer”. It would make the reply to the top and easier to be found for other people who has the similar question.

    Thank you!


    Best regards,
    Larry

    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, May 14, 2020 3:02 AM
  • Hi,

    Thanks for posting in TechNet. Since you have not feedback any progress for a long time, Please allow me to write a short summary for this thread, because we believe this will make the thread clearer and more friendly for other people who have similar problems.

    Problem/Requirement:
    ===================
    Failed to test the CMG channel

    Solution/Suggested solution:
    ===================
    The CMG connection point connects to the CMG in Azure over TCP-TLS or HTTPS. It holds the connection open, and builds the channel for future two-way communication. 
    So first we need to ensure that all required network ports and protocols have been configured correctly. 

    Is it convenient for you to try the above solution? If there is any other assistance we can provide, please feel free to let us know, we will do our best to help you.



    Best regards,
    Larry

    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, June 12, 2020 8:53 AM