Re-establishing the communication between Distribution Server, Agents & Probes and Central Server

While configuring Secure Gateway Server in your network, it is necessary to ensure that all agents, distribution servers, and probes communicate with the Central Server properly. Depending on the component, proceed with the steps provided in that particular component:

  Distribution Server Agents Probes
Configuring SGS in a fresh installation of RMM There'd be no issues There'd be no issues There'd be no issues
Configuring SGS in an existing setup of RMM The newly configured NAT and SGS settings will be synced automatically during configured replication interval** The newly configured NAT and SGS settings will be synced automatically during configured replication interval** Manually update the SGS details in each probe
**Note
  • The Central Server must remain configured as an Edge device for the entire 90 minute interval and must be reachable from the distribution servers & agents to ensure that all of them communicate with the server to sync the updated NAT and Secure Gateway Server settings.
  • After 90 minute interval, access to the Central Server can be restricted.
  • All the active agents will contact the RMM Central server within the 90-minute refresh policy. However, If the Distribution Servers/Agents are unable to reach the Central Server, then the Secure Gateway Server details should be updated manually.

1. Configuring SGS in a fresh installation of RMM

1.1. Distribution Servers, Agents and Probes

The FQDN / public IP address configured will be available and hence communication with the Central Server will work seamlessly for hassle-free management and monitoring. (Note: This public IP address of SGS will be mapped to the private IP address of RMM Central server).

2. Configuring SGS in an existing setup of RMM with distribution server, agents and probes installed already

After installation and configuration of SGS, if the same FQDN / public IP address (as that of RMM Central’s) is provided for SGS, there’d be no issues in the communication between Distribution Servers, Agents and Probes.

However, if you choose to provide a different FQDN / IP address, ensure that all the distribution servers and agents communicate with the RMM Central server for fetching the new FQDN / IP address, until which the RMM Central server should remain configured as the edge device. (Note: All the active agents will contact the RMM Central server within the 90-minute refresh policy). Probes will not be able to fetch the updated settings and hence SGS details must be updated manually in each probe.

2.1. Distribution Servers

If the Distribution Servers cannot contact the RMM Central server to fetch the updated FQDN / IP address, here’s what you need to do:

Windows

  • Download the Update_FQDN_Port_DS.bat file.
  • Important:
    In the downloaded script, replace "Provide NAT address here" with the new FQDN / public IP address of Secure Gateway Server.
    Replace "Provide Port number here" with the port number of the Secure Gateway Server.
  • Right-click the file and click Run as Administrator.

2.2. Agents

If the agents cannot contact the RMM Central server to fetch the updated FQDN / IP address, here’s what you need to do:

Based on your operating system, download and execute the following script:

Windows

  • Download the Update_FQDN_Port_Agent.bat file.
  • Important:
    In the downloaded script, replace "Provide NAT address here" with the new FQDN / public IP address of Secure Gateway Server.
    Replace "Provide Port number here" with the port number of the Secure Gateway Server.
  • Right-click the file and click Run as Administrator.

Linux

  • Download the Update_FQDN_Port_Agent_linux.sh file.
  • Execute the commands given below:
    sudo bash Update_FQDN_Port_Agent_linux.sh [fqdn_server_ip] [server_secure_port]
    For example: sudo bash Update_FQDN_Port_Agent_linux.sh securegateway.domain.com 8091

Mac

  • Download the Update_FQDN_Port_Agent_mac.sh file.
  • Execute the commands given below:
    sudo bash Update_FQDN_Port_Agent_mac.sh [fqdn_server_ip] [server_secure_port]
    For example: sudo bash Update_FQDN_Port_Agent_mac.sh securegateway.domain.com 8091

2.3. Probes

Probes do not contact the RMM Central server to fetch the updated FQDN / IP address. Hence, the Secure Gateway Server details have to be manually updated in each probe using the following steps:

Note: Ensure that the access to the RMM Central server using the previously configured FQDN / IP address is restricted. If the Central server is still reachable from the probe using the previous FQDN, you will not be able to update the Central server details.

  1. Login into the probe setup.
    SGS Probe Setup
  2. Navigate to Settings (In Probe) -> Under Configurations, Click on Central Server Details.
    SGS Probe Setup
  3. "The Central server is down" message will be shown for the existing FQDN of Central Server.
    SGS Probe Setup
  4. Enter the FQDN or public IP Address and Port number of the Secure Gateway Server and Click Save.
    SGS Probe Setup
  5. Central Server details have been updated successfully.

Note: Same process should be followed for all probes