This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 3%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Multiple servers triggered heartbeat alerts without the failed to connect alert that is usually associated with it all at the same time on the same day. When I logged onto one of the servers, I checked the operations log and I could see error event IDs 21006 and 21016 continuously being logged. The first thing I did to troubleshoot was to stop the health service on the server, delete the health state folder, then restart the health service again, but the logs still generated the same Event IDs. I also cleared the health state folder on the management server as well, but no dice. I also confirmed port 5723 is open from the agent server to the management server. The next thing Im going to try is just uninstall the agent and then re-install it. If this doesn't work, does anyone else have any other tips I could try?
Hi JCC,
I don't think re-installing the agent will bring something here, but you can of course try with one system.
Are the affected agents in the same domain or are they communicating to a Gateway server? If so, please make sure the certificates, sued for authentication are vallid both on the Gateway and also on the Management Servers.
The next things you need to check:
Please post an update here, let's see what we can do about this.
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Stoyan Chalakov
Hi Stoyan,
The Management Servers and the agent-managed servers are on the same domain and no gateway server is being used. There are 12 servers that are affected and 10 of them are reporting to one management server and 2 to another one. In the events log of my management servers, I see the servers are cycling through all the management servers trying to connect to one of them but they dont.
The health of all my management servers are healthy and we have hundreds of other servers that are on the same domain being monitored properly.
Something is telling me this may be a McAfee issue. Is that possible? Could McAfee be blocking the communication between the agent-managed server and Management server they are reporting too? All servers that are affected are in the same region and they all triggered a heartbeat failure at the same time, but there are other servers in the same region, that are owned by a different application group, that are being monitored correctly.
Hi Stoyan