FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff
Article Id 197493
Description
Persistent Agent Stops Communicating If Downgraded to Older 3.x Version

Solution

Affected Persistent Agent Version: 3.x


Issue:  Persistent Agent Stops Communicating If Downgraded to an Older 3.x Version



The following symptoms are seen:

On Network Sentry...
- "Logged on User" field is blank. 
- Unable to send a message or scan.
- Hosts View displays the correct Agent version.

On the PC...
- Persistent Agent icon is present in the tray
- Bradford Persistent Agent service is not listed under Services.
- Agent version shows an older 3.x version in the installed programs list.
 

These symptoms can occur if the agent was upgraded, then downgraded within the 3.x range. The following anomaly can be found in the Network Sentry Agent Version 3.5 Release notes:

"Anomaly: Downgrading the 3.x Persistent Agent to an older version of the 3.x Previous Agent fails. The newly installed (older) agent will not start.

Resolution: Downgrading the 3.x Persistent Agent on Windows to version 2.2 of the Persistent Agent does not have this issue, nor does Upgrading the 3.x Persistent Agent to a newer version. Using the "Repair" feature of Windows often corrects the issue."


The bndaemon.log will reflect the history of the versions the agent was running. 

Example 1 shows the agent was updated from 3.3.0.56 to 3.5.0.42 on July 29. The agent ran until Aug 06 12:46:51 2015 (presumably when the older 3.3 agent was re-pushed)...

---- Agent 3.3.0.56 Log Starting: Wed Jul 29 11:39:19 2015
---- Agent 3.5.0.42 Log Starting: Wed Jul 29 13:30:27 2015
---- Agent 3.5.0.42 Log Starting: Thu Aug 06 11:36:53 2015
---- Log ending: Thu Aug 06 12:46:51 2015

 


Instructions to obtain the Persistent Agent logs can be found in Solution 1717 "How to Enable Persistent Agent Debug Logging in Windows".



Solution: If a software push is used to distribute the agent initially, use it to update the agents to a newer version as well, and disable the Global Update feature in Network Sentry Admin UI.


To disable the Global Update feature:

1) Navigate to System > Settings> Persistent Agent Update
2) Uncheck the boxes next to "Update Windows Agents to Version" and "Mac OSX Agents to Version".



Contributors