Troubleshooting Policy Rollout Issues
Secure Web Gateway (On-Prem) and Trellix ePO connect to the Trellix Agent, which is installed locally on a client.
For information on ports for network or firewall, see:
- Trellix ePO port requirements for firewall traffic, KB66797.
- Ports and URLs needed for Trellix ePO - SaaS communication through a firewall, KB90878.
To troubleshoot policy issues, try the following:
- Check the Trellix Agent Status Monitor window for any connectivity errors.
- Check the packet capture to see if connections on ports 80/443/8081 are working.
- Make sure that the required ports are allowed in the network as well as on the network/client firewall.
If you have performed all steps and the issue persists, reproduce the issue and raise an SR with all relevant information.
Unable to Apply Client Proxy Policy on macOS
When you install a new version of Client Proxy on a macOS system, there is a possibility that the MsgBus cert updater not updated automatically. This may lead to failure in applying the Skyhigh Client Proxy policy.
NOTE: By default, the MsgBus cert updater should update automatically when you complete the SCP deployment process.
Workaround: Check whether the MsgBus cert updater is up-to-date with the Client Proxy new version installed on the macOS system. If it is not updated, manually update the MsgBus cert updater or create a product update task to update.