Ports Needed for KACE Client on Remote Systems?
Hello, we recently moved a handful of offsite/remote domain-connected servers from one hosting provider to another, and ever since the move, those agents won't check in. I've manually removed and reinstalled the agent of them, but no joy. Their firewall admin is asking for any usual ports needed for the client and the only one I have documented is 65334. Someone in another thread mentions "52230/tcp of the K1000 is reachable as well". Am I missing something? Thanks
Answers (1)
What version of the SMA?
What version of the Agent?
The more current agent versions use port 443 to set up an SSL tunnel to the SMA.
Did you review the C:\ProgramData\Quest\KACE\konea.log and the C:\ProgramData\Quest\KACE\user\KAgent.log files for errors?
Did you check the SMA agent quarantine?
It is most likely not a port issue, it could also be an SSL trust issue.Knowledge base article: https://support.quest.com/kb/4214233/sma-external-listening-port-and-zones-explained
Comments:
-
Thanks for the info!
SMA 13.2.182, agent 13.2.27
Nothing in quarantine.
Reviewing logs later today.
The weird thing is that half (6) of the servers on that same remote subnet connect just fine, these other five don't. Looking in detail at these five to see if there's anything I'm missing.
SSL trust is something I'll look at.
Thanks again - OMIC_LS 1 week ago
