locked
System.ServiceModel.EndpointNotFoundException:Could not connect to net.tcp://center.ip.addr:443/IEntityReceiver RRS feed

  • Question

  • Hi,

    I use Advanced Threat Analytics 1.7 , and install light weight gateway on server 2012 domain controller.I see the "Microsoft.Tri.Gateway-Errors.log" message as blow .

    System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://10.0.0.50:443/ICenterConfigurationManager. The connection attempt lasted for a time span of 00:00:21.0130306. TCP error code 10060

    How do i fix ? In ATA Center with no error message .

    Thanks .


    • Edited by kkmon Monday, February 6, 2017 8:55 AM
    Monday, February 6, 2017 8:10 AM

Answers

  • Hello,

    This error message indicates that the ATA Lightweight Gateway failed to establish connection to ATA Center. 

    Please ensure the network settings are correct, and the network connection is valid between ATA Lightweight Gateway and ATA Center. Ensure that there is no firewall which may block the traffic, which flows from ATA Lightweight Gateway to ATA Center. 

    Also, please ensure that the windows firewall on ATA Center will not block the received traffic destined to TCP Port 443.

    Best regards,
    Andy LIu

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, February 7, 2017 2:39 AM
  • Hello,

    The Lightweight Gateway is up and running, it works now. That means the ATA Lightweight gateway can communicate with ATA Center.

    You can follow the steps below to simulate Reconnaissance using DNS.

     

    1. Logon to a remote server.
    2. Open Command Prompt and run NSLOOKUP command
    3. From the NSLOOKUP window, run LS command to list the DNS zone

    You will receive the following Reconnaissance using DNS alert on the ATA console. 

    Besides, you may also refer to the article for more details about ATA behavior analysis monitoring.

    https://blogs.technet.microsoft.com/enterprisemobility/2016/06/30/ata-behavior-analysis-monitoring/

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.




    Tuesday, February 7, 2017 7:18 AM

All replies

  • Hello,

    This error message indicates that the ATA Lightweight Gateway failed to establish connection to ATA Center. 

    Please ensure the network settings are correct, and the network connection is valid between ATA Lightweight Gateway and ATA Center. Ensure that there is no firewall which may block the traffic, which flows from ATA Lightweight Gateway to ATA Center. 

    Also, please ensure that the windows firewall on ATA Center will not block the received traffic destined to TCP Port 443.

    Best regards,
    Andy LIu

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, February 7, 2017 2:39 AM
  • Hi ,

    I try to close the DC firewall and ata center firewall .
    And reinstall the ATA Lightweight Gateway on DC .
    I am wait about 20 minutes.
    In ATA Lightweight Gateway with no error message .
    In ATA Center with no error message .
    I try to login fail on another two client for ten times.
    Both of them are domain member .
    I also try to use nslookup .
    But still not see any record on ATA center .

    Could you give me some suggest?
    Thanks .
    Tuesday, February 7, 2017 6:06 AM
  • Hello,

    Can you access the ATA Console by opening web browser, and entering the URL of ATA Console? The URL should be defined during the installation of ATA Center.

    If you can access the ATA Console, you need to configure the ATA Gateway on the ATA Console by referring to the article below.

    https://docs.microsoft.com/en-us/advanced-threat-analytics/deploy-use/install-ata-step5

    Also, please make sure the machine installed ATA Center is a member of the domain.

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, February 7, 2017 6:34 AM
  • Hi,

    Yes , I can use the URL on another client to access the ATA Console. The ATA Center also is a member of the domain .
    The setting as blow .
    https://social.technet.microsoft.com/Forums/getfile/998502
    Thanks.
    Tuesday, February 7, 2017 7:12 AM
  • Hello,

    The Lightweight Gateway is up and running, it works now. That means the ATA Lightweight gateway can communicate with ATA Center.

    You can follow the steps below to simulate Reconnaissance using DNS.

     

    1. Logon to a remote server.
    2. Open Command Prompt and run NSLOOKUP command
    3. From the NSLOOKUP window, run LS command to list the DNS zone

    You will receive the following Reconnaissance using DNS alert on the ATA console. 

    Besides, you may also refer to the article for more details about ATA behavior analysis monitoring.

    https://blogs.technet.microsoft.com/enterprisemobility/2016/06/30/ata-behavior-analysis-monitoring/

    Best regards,

    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.




    Tuesday, February 7, 2017 7:18 AM