/build/static/layout/Breadcrumb_cap_w.png

Machine's Checking in via the WEB?

One of the things that sold us on purchasing the kace 1000 appliance was the ability for out of band management. The only problem is I've yet to figure out how to get machines to checking when not on the company network. Is there a firewall rule that needs to be in place on the local machine's? We've set up a rule on our Sonic Wall, but machines are still not checking in over the WEB.

0 Comments   [ + ] Show comments

Answers (2)

Posted by: airwolf 13 years ago
Red Belt
0
You need a public DNS record to resolve your KBOX's name to your company's public IP. Your firewall then needs to properly route the traffic for that port (80 or 443, depending on whether you are using SSL) to the KBOX. If your KBOX name is kbox.domain.com, then you not only need the internal resolution of that name, but external. If a domain machine is sitting at a Starbucks, it is still trying to get to kbox.domain.com - so that's why you need the public DNS record to resolve that name to your company's front door.
Posted by: cblake 13 years ago
Red Belt
0
Note that Andy meant port 80 above; and your clients need to be deployed to use the FQDN (kbox.domain.com), not just "kbox". Once you move your K1 into the DMZ it will likely become attractive to enable SSL. Please do this carefully- do not disable port 80 too quickly, and use a certificate issued to your appliance by a primary root authority (Like Thawte, Verisign, Comodo, etc.); DO NOT use secondary authorty (GoDaddy.com, etc.), self-signed, domain, or wildcard certs. These will not work and may "brick" the appliance. Recommend contacting support before implementing your action plan to verify your risk level.

Comments:
  • There is no issue using a SSL certificate from Godaddy or wild card certificates.
    Look at https://support.kace.com. It's using a wild card certificate from GoDaddy - KevinG 12 years ago
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ