Open calub77 opened 1 year ago
I use a reverse proxy, and set my mesh clients to call out on port 443 (standard https port) I don't have issues with the clients not getting out.
this is in my config.json
"Port": 444, "AliasPort": 443,
Then in my reverse proxy, I redirect all mesh.example.com calls on port 443 to port 444
mesh clients are created with port 443 as the destination port
I don't think changing my config.json file will help.. the server is running behind a sonicwall with 112 node working fine.. my guess is that the paysafe may use a whitelist per program function but cant look so I really don't know. I do know the server can access the internet so I would assume that 80 and 443 is open but when i install meshagent it does not show up in the console.. would 4433 not being open cause it to not communicate at all?
Additional info.. PaySafe splits there network by subnets.. ie. managment nodes on 192.168.46.0/24 server on 192.168.40.0/24 I would assume they do this to isolate the server from attacks
I would 4433 not being open cause it to not communicate at all? Absolutely Many firewalls block outgoing packets on unusual ports.
Having the packets be for port 443 makes a huge difference
i will request them open the "agentport" and see if it fixes the issue... thanks
What happens if you try to just use a web browser to pull up your MeshCentral console from one of the servers? Does it allow the website to come up and let you log in or does it block that as well? If it is blocking even the website then it's likely they are using a whitelist for allowed websites/services.
that is a good point.. I don't think I tried to access the website from that node. I will try that too.. thanks
Is this still an issue?
I can not seem to get any access to a server that is behind a PaySafe Firewall. i have read all the port posts that i could find and i understand that the agent only makes outgoing calls on 80, 44, and 4433. Unfortunately PDI Technologies gives no access to end users to make changes or check logs all they give is a PaySafe Firewall Change Request Form. so i have no idea how they are handling their rules or nat or etc.. Form attached at bottom. main question is if the agent only makes outgoing calls what port does the server use when accessing the remote computer for remote access?
Server
Remote