Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Network Performance Monitor (NPM) > Error after installing MS updates: There was no endpoint listening

Error after installing MS updates: There was no endpoint listening

Updated May 29, 2017

Overview

This article address the issue where a SolarWinds product does not function properly after recent Windows updates.

The following are potential updates that could cause issues:  

  • KB 4019215

  • KB 4019213

  • KB 4018271

  • KB 4014590

  • KB 4014581

  • KB 4014510

  • KB 4014505

 

The following is a sample description for one of these updates:

CVE-2017-0248. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."


The following are sample messages found in logs:
SWIS V3
ERROR SolarWinds.InformationService.Core.InformationService - w3wp| /LM/W3SVC/2/ROOT-1-131401909248548235| SolarWinds.Orion.Web.DAL.PollerDAL.IsPollerAssigned()|  (null)  Exception caught in method SolarWinds.InformationService.Core.InformationService.RunQuery
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.tcp://{hostname}:17777/orion/core/businesslayer that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.


SWIS V2
WARN  SolarWinds.Data.Providers.Orion.Containers.DataProvider.ContainersDataProviderPlugin - Failed to subscribe to container change events. Will try again in one minute.
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.tcp://{hostname}:17777/SolarWinds/InformationService/v3/Orion/certificate that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.


An error occurred while dispatching a duplicated socket: this handle is now leaked in the process.
ID: 2800


Source: System.ServiceModel.Activation.TcpWorkerProcess/25351005
Exception: System.ServiceModel.FaultException: The client was unable to process the callback request due to an internal error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from CallbackBehaviorAttribute or from the <clientDebug> configuration behavior) on the client in order to send the exception information back to the server, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the client trace logs.


Server stack trace: 
   at System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message reply, MessageFault fault, String action, MessageVersion version, FaultConverter faultConverter)
   at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)


Exception rethrown at [0]: 
   at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Activation.WorkerProcess.EndDispatchSession(IAsyncResult result)
Process Name: SMSvcHost
Process ID: 2780

Environment

All Orion Platform versions

Cause 

This issue occurs when Microsoft updates affect firewall configurations. These updates may involve changes to the firewalls or security devices that usually permit SolarWinds traffic. For example, a Palo Alto Networks content update which modifies application identification causes the old policy to start denying traffic because it identifies the traffic as a different application. 

Resolution

  1. Check if you have a Windows firewall or an external firewall or security device that controls traffic flow. 
  2. Make changes to all applicable firewalls to ensure that inbound and outbound traffic on port 17777 is open to all Orion servers and to your external firewall or security devices. For the Palo Alto Networks content update, verify that the policy includes the "SolarWinds-Base" application.
  3. See Port requirements for all SolarWinds products as there may be other ports that have been affected.
 
Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third-party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

 

Last modified
19:12, 28 May 2017

Tags

Classifications

Public