Re-establishing the communication between Distribution Server, Agents & Probes and Central Server
While configuring Secure Gateway Server in your network, it is necessary to ensure that all agents, distribution servers, and probes communicate with the Central Server properly. Depending on the component, proceed with the steps provided in that particular component:
**Note
- The Central Server must remain configured as an Edge device for the entire 90 minute interval and must be reachable from the distribution servers & agents to ensure that all of them communicate with the server to sync the updated NAT and Secure Gateway Server settings.
- After 90 minute interval, access to the Central Server can be restricted.
- All the active agents will contact the RMM Central server within the 90-minute refresh policy. However, If the Distribution Servers/Agents are unable to reach the Central Server, then the Secure Gateway Server details should be updated manually.
1. Configuring SGS in a fresh installation of RMM
1.1. Distribution Servers, Agents and Probes
The FQDN / public IP address configured will be available and hence communication with the Central Server will work seamlessly for hassle-free management and monitoring. (Note: This public IP address of SGS will be mapped to the private IP address of RMM Central server).
After installation and configuration of SGS, if the same FQDN / public IP address (as that of RMM Central’s) is provided for SGS, there’d be no issues in the communication between Distribution Servers, Agents and Probes.
However, if you choose to provide a different FQDN / IP address, ensure that all the distribution servers and agents communicate with the RMM Central server for fetching the new FQDN / IP address, until which the RMM Central server should remain configured as the edge device. (Note: All the active agents will contact the RMM Central server within the 90-minute refresh policy). Probes will not be able to fetch the updated settings and hence SGS details must be updated manually in each probe.
If the Distribution Servers cannot contact the RMM Central server to fetch the updated FQDN / IP address, here’s what you need to do:
Windows
- Download the Update_FQDN_Port_DS.bat file.
- Important:
In the downloaded script, replace "Provide NAT address here" with the new FQDN / public IP address of Secure Gateway Server.
Replace "Provide Port number here" with the port number of the Secure Gateway Server.
- Right-click the file and click Run as Administrator.
If the agents cannot contact the RMM Central server to fetch the updated FQDN / IP address, here’s what you need to do:
Based on your operating system, download and execute the following script:
Windows
- Download the Update_FQDN_Port_Agent.bat file.
- Important:
In the downloaded script, replace "Provide NAT address here" with the new FQDN / public IP address of Secure Gateway Server.
Replace "Provide Port number here" with the port number of the Secure Gateway Server.
- Right-click the file and click Run as Administrator.
Linux
- Download the Update_FQDN_Port_Agent_linux.sh file.
- Execute the commands given below:
sudo bash Update_FQDN_Port_Agent_linux.sh [fqdn_server_ip] [server_secure_port]
For example: sudo bash Update_FQDN_Port_Agent_linux.sh securegateway.domain.com 8091
Mac
- Download the Update_FQDN_Port_Agent_mac.sh file.
- Execute the commands given below:
sudo bash Update_FQDN_Port_Agent_mac.sh [fqdn_server_ip] [server_secure_port]
For example: sudo bash Update_FQDN_Port_Agent_mac.sh securegateway.domain.com 8091
Probes do not contact the RMM Central server to fetch the updated FQDN / IP address. Hence, the Secure Gateway Server details have to be manually updated in each probe using the following steps:
Note: Ensure that the access to the RMM Central server using the previously configured FQDN / IP address is restricted. If the Central server is still reachable from the probe using the previous FQDN, you will not be able to update the Central server details.
- Login into the probe setup.
- Navigate to Settings (In Probe) -> Under Configurations, Click on Central Server Details.
- "The Central server is down" message will be shown for the existing FQDN of Central Server.
- Enter the FQDN or public IP Address and Port number of the Secure Gateway Server and Click Save.
- Central Server details have been updated successfully.
Note: Same process should be followed for all probes