cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LSAGENT Error TLS 1.2 with cloud relay

prid3bowl
Engaged Sweeper II
Hi,
we try to install the lsagent on Windows 10 pc with the cloud relay key for remote scanning. On the server side i succefully enable the cloud key relay it said "LSagent access granted". But when i try to scan the remote pc i always got the same error:

2021-11-23 15:23:54,513 [7] DEBUG Created RelayCommunicationSender to URL https://lsagentrelay.lansweeper.com/EchoService.svc
2021-11-23 15:23:54,553 [7] DEBUG Attach ServerCertificateValidationCallback
2021-11-23 15:23:54,570 [7] DEBUG CreateFactoryInstance for endpoint https://lsagentrelay.lansweeper.com/EchoService.svc, EchoService
2021-11-23 15:23:54,792 [7] DEBUG ServicePointManager.ServerCertificateValidationCallback
2021-11-23 15:23:55,460 [7] ERROR A communication error occurred. Verify that at least TLS 1.2 is enabled and retry.
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail] : CompanyHasNoDefaultGroupAvailable (le détail de l'erreur est égal à ExceptionDetail, probablement créé par IncludeExceptionDetailInFaults=True, dont la valeur est :
Lansweeper.Echo.Server.Domain.EchoException: CompanyHasNoDefaultGroupAvailable

On both side ive enabled TLS 1.2 and ive created the registry key under SCHANNEL
-Protocols
--TLS 1.2
---Client
and i create a DWORD ENABLED at 1 and a DWORD DisabledByDefault at 0
I've restart both side and i still have a no go, always the same TLS error.
We have internal server scanning working and scanning for years but we wanna keep trace with the home work and laptop not showing for weeks.
So any idea? Thanks
2 REPLIES 2

user123445
Engaged Sweeper
Hi,

Did you ever figure this out? I have the same problem here. I'm running the latest version of Lansweeper (9.1.41.1) and Lsagent 9.1.0.8. Was also seeing the same error on previous Lansweeper & lsagent versions.

I can confirm the minimum requirements are in place:
- TLS 1.2
- .NET 4.8
- Connectivity to the Relay URL on 443
- Web browser can also access the URL

I have found a number of 'odd' fixes but none of them are that feasible due to the number of devices which have lsagent installed.

One thing which seems to work for some PCs is restarting the lsagent service twice - not once, but twice!

The next fix, which seems to be resolving the issue on most desktops but is again un-workable as a fix is:
- Login to the PC
- Open the URL https://lsagentrelay.lansweeper.com/EchoService.svc in a web browser
- Restart the service

It will work straight after this is done. On checking the logs after the service restart i'll see it has worked.

Again - not feasible as I can't login to hundreds of PCs and open a URL.

On one PC last night, all I did was login to the PC and open the URL. I didn't restart the browser, it just simply worked. On the next hourly check, the PC had checked in.

Has anyone any ideas here?

I can post a full log showing the service restart x 2 & issue being resolved if anyone's interested!


2022-02-15 09:14:47,096 [7] DEBUG Waiting 60 minutes until next iteration
2022-02-15 10:14:47,119 [7] DEBUG Detected OS: Windows
2022-02-15 10:14:47,119 [7] DEBUG Reading ini file.
2022-02-15 10:14:47,119 [7] DEBUG Loading LS Agent Configuration File.
2022-02-15 10:14:47,119 [7] DEBUG Getting asset id
2022-02-15 10:14:47,119 [7] DEBUG Existing asset id found: b21a01dc-6c35-4e1d-ae86-b401ca22ebf4
2022-02-15 10:14:47,135 [7] DEBUG Creating communication channel
2022-02-15 10:14:47,135 [7] INFO CreateReachableEndPoint for b21a01dc-6c35-4e1d-ae86-b401ca22ebf4
2022-02-15 10:14:47,150 [7] DEBUG Created RelayCommunicationSender to URL https://lsagentrelay.lansweeper.com/EchoService.svc
2022-02-15 10:14:47,150 [7] DEBUG Getting asset status
2022-02-15 10:14:47,400 [7] DEBUG ServicePointManager.ServerCertificateValidationCallback
2022-02-15 10:14:47,400 [7] ERROR A communication error occurred. Verify that at least TLS 1.2 is enabled and retry
System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'lsagentrelay.lansweeper.com'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---

Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Lansweeper.Echo.Server.IService.IEchoService.GetAssetStatus(Guid agentKey, Guid assetId)
at Lansweeper.Echo.Client.SA.WcfAssetServiceAgent..(IEchoService )
at Lansweeper.Echo.Client.SA.Wcf.WcfServiceInvoker.InvokeService[T,R](Func`2 invokeHandler)
at Lansweeper.Echo.Client.SA.WcfAssetServiceAgent.GetAssetStatus(Guid agentKey, Guid assetId)
at Lansweeper.Echo.Client.SA.RelayCommunicationSender.GetAssetStatus()
at Lansweeper.Echo.Client.BL.EchoClient.RunLsAgentProcess()
2022-02-15 10:14:47,400 [7] DEBUG Saving ini settings

prid3bowl
Engaged Sweeper II
Upgrade to Lansweeper 9.1 solved my issue.