G DATA Support - FAQ
Support Code: 29001

How to troubleshoot communication issues between the Security Clients and the ManagementServer of G DATA

This article will give you an overview of the most common causes for communication issues between the G DATA clients (for Windows) and server and will help you to solve them.

In the event of a G DATA Security Clients showing the status « No connection to server » under the column Security Status, there can be several different causes. Not all of them indicate a technical issue.

To see the Security Status, open G DATA Administrator and go to Clients > Overview.

To have a better understanding of how the Security Status works, we recommend to read the following article:

What is the Security Status of the clients on G DATA Administrator and how does it work?

 

The status “No connection to server” appears if the client didn’t make a connection to the server for a certain amount of time.

This timeframe depends on the synchronization time set up for the clients (Via the panel ManagementServers > General settings > Sychronization). It is calculated as follows: client synchronization time x 5 + subnet server synchronization time. By default this value is 40 min.

The synchronization time is the frequency at which clients connect to the server. For large environments, we recommend to increase the client synchronization time. The maximum value it can be increased to is one hour. Alternatively, you can install subnet servers to reduce the load on the main server.

Furthermore, the Security Status uses the column Last access (also in Clients > Overview) to check when the client did connect the last time. The content of this column gives an important information for troubleshooting connection issues.

Do not mistaken Last access with Status as per. “Status as per” shows the release date of the latest virus signatures of the client. This information is not relevant to the current troubleshooting process.

Cause 1. Client turned off or didn't connect recently

If a client shows “No connection to server”, the first point to check is whether it is currently turned on, or has been turned on the last 40 min, as well as to check the column Last access to see if the client managed to connect recently.

Another point to consider is if the option “Limit the number of concurrent connections to the server” has been enabled in “ManagementServers > General settings > Synchronization” then only a set amount of clients will be able to communicate with the server at the same time. In large environments this could mean that certain clients occasionally show “No connection” despite of no technical issues. 

Cause 2: Client can't reach the server over the correct port

If the client was recently on but still shows “No connection to server”, the second point to check is if the client can properly communicate with the server.

 

By default the client contacts the server via its hostname, therefore the client should be able to resolve the name of the server.

Additionally, the Security Client communicates with the ManagementServer on port 7161. If this port is not open, no communication between the client and the server is possible.

A common cause for communication related issues is that port 7161 is blocked by a firewall. This could be a firewall on the client side, server side or at a network level.

Make sure that port 7161 (TCP) has been opened on any firewall between the client and the server.


You can use the Telnet command to check if the client can resolve the name of the server, as well as if the necessary port has correctly been opened.

On the client side, enable the Telnet command via the Windows Programs & Features as follows:

A. On a Windows Workstation:

Open Programs & Features and click Turn Windows features on or off at the left of the screen.

Click the check box next to Telnet Client then click OK.

Wait until the feature is installed by Windows.

 

B. On a Windows Server:

Open the Server Manager window and click Manage > Add Roles and Features.

Click Next until you get to the screen named Features, check the option Telnet Client, click Next once more then Install.

Wait until the feature is installed by Windows.

 

Now open a command prompt on the client and type in the following command:

Telnet Management_Server_Name 7161

If the command was successful, a new window will open which contains a seemingly random set of characters. This shows that the client could correctly connect to the server on port 7161.

If the command fails you will instead receive an error message such as “Connection failed”.

It can either mean that the server name could not be resolved or that port 7161 is not open. To determine which one of the issues you are facing try again the command Telnet, this time with the IP address of the server.

If the command has been successful this time, then the domain name resolution is not working correctly for the server name. In this case you will have to take a look at your DNS server and correct any possible issues with it.

It is also possible to allow the clients to use the IP address of the server instead to establish the connection, however this requires additional configurations. The following article gives you an overview of the process:

How allow the ManagementServer to be contacted via its IP address by the Security Clients

If the command has failed even with the IP address of the server, then the port 7161 is not open between the client and the server. In this case, please check the configurations of any firewall between the client and the server, and allow port 7161 (TCP, direction “inbound” for the server).

Cause 3: Client installation corrupted

The reason for not communicating with the server can be that the client is no longer functioning properly.

To check if all the services of the client are correctly registered, proceed as follows:

On the client, open a Run prompt. (You can for example use the keyboard shortcut Windows Key + R)

Enter the following command then press OK:

Services.msc

Search for the service G DATA Security Client and check if it’s running.

Furthermore, you should see a couple of other G DATA services registered. Not all of these services need to be running.

 If the G DATA Security Client service is not running, right click on it and choose Start. If it fails to start with the error message “Error 1: Invalid function”, then check the following article:

The service “G Data Security Client” is not able to start with the error message "Error 1: Invalid function"

Otherwise, we recommend to reboot the computer and try again.

If the service G DATA Security Client still fails to start, or if it’s the only G DATA service present, then a reinstallation of the client will be necessary.

The following articles will help you with this process:

How to remove the G DATA Security Client for Windows

How to install the G DATA Security Client for Windows

Cause 4: Client tries to reach the wrong server

It is also possible that the Security Client tries to contact the wrong ManagementServer.

To be able to see from the client side which server it is assigned to, proceed as follows:

Open the Registry of the client via Regedit.

Go to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\G DATA\AVKClient

If it’s a 32 bit Operating System, go to the following key instead: HKEY_LOCAL_MACHINE\SOFTWARE\G DATA\AVKClient

Check if the value named Server has the correct name of the ManagementServer assigned to it.

If it is not the case, check the following article to learn how to change the server name locally:

How to change locally the ManagementServer or SubnetServer assigned to a Security Client

Cause 5: Database corrupted (Only if a large amount of clients show “No connection to server”)

In some rare cases after a program update or database migration it could happen that the database structure of the ManagementServer contains errors. This could result in a large amount of clients showing “No connection to server”.

The database is automatically checked for errors and repaired upon restart of the ManagementServer’s service.

To restart the service, you can either reboot the server or proceed as follows:

On the ManagementServer, open a Run prompt. (You can for example use the keyboard shortcut Windows Key + R)

Enter the following command then press OK:

Services.msc

Search for the service G DATA ManagementServer, then right-click on it and choose Restart.

Wait for 30 min and check if the clients are able to connect now.

Cause 6: Client never connected

If on the panel Clients > Overview of G DATA Administrator, only the fields "Client" and "Security Status" are filled, but all the other fields are empty, it means that this particular client never connected successfully to the server.

The reason could be any of the above mentioned issues, but you will also have to consider the possibility of this client not existing anymore on the network, or having been renamed.

Cause 7: Other causes requiring support logs

If all of the previously mentioned points were checked and none of them allowed to locate the issue, you will need to take debug logs of the Security Client.

The following article will help you to collect the mentioned logs:

How to take debug logs of the G DATA Security Client in case of communication issues with the ManagementServer

Once you have the logs, forward them to G DATA Support with a precise description of the issue you have experienced, as well as what you have already tried in order to solve it.

Click here to access the support contact form

Last change:
18/07/17

Operating system:
 Windows

Products:
 Endpoint Protection Business
 Managed Endpoint Security
 AntiVirus Business
 Client Security Business