1 / 18

LANDesk Management Gateway

LANDesk Management Gateway. Broker Certificate Request (in-depth) & Review. Overview. Basic Management Gateway Design (Review) Common issues and items to check when troubleshooting or installing the Gateway Tips and Tricks Issues of note

micheal
Download Presentation

LANDesk Management Gateway

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LANDesk Management Gateway Broker Certificate Request (in-depth) & Review

  2. Overview • Basic Management Gateway Design (Review) • Common issues and items to check when troubleshooting or installing the Gateway • Tips and Tricks • Issues of note • In-depth walk through of the Broker Certificate Request Process

  3. Basic Management Gateway Design

  4. Common Issues and items to check • Initial Gateway Setup:

  5. Common issues and items to check • Initial Gateway Setup:

  6. Common issues and items to check Core: C:\Program Files\LANDesk\Shared Files\Keys Client: C:\Program Files\LANDesk\Shared Files\cbaroot\certs

  7. Common issues and items to check

  8. Common issues and items to check Can any LANDesk Client system reach http://GatewayIPAddress at a bare minimum?

  9. Common issues and items to check

  10. Common issues and items to checkSoftware Distribution: (DOC-3105) 1. Make sure the client has successfully retrieved a certificate (BrokerConfig).2. The package must be local to the Core Server on an HTTP share, or accessible on an HTTP site on the Internet.3. The Delivery Method must be a Policy, no other delivery methods will work properly.4. HKLM\Software\Intel\LANDesk\LDWM\CoreServer MUST be the hostname of the core server, in rare situations a FQDN will work but an IP address for the core server will never work.

  11. Common issues and items to check

  12. Common issues and items to check • Remote Control is separate from Brokerconfig.exe. “Gateway Mode” for remote control will only post the client to the Gateway for remote control and nothing else. • Test if an outside client (your system) can at least reach the public IP address of the Gateway on http and https. • Reaching https on the IP address is the bare minimum to function • Issue: A remote control viewer cannot see a client that is in “Gateway Mode”. • Answer: Check the “Organization” setting for the user in question and make sure that it’s configured for the default “*”. • Issue: The Gateway Service on the core continually stops. • Fact: If the Gateway Service cannot establish it’s SSL connections to the core it will shut down. • Common cause is the incorrect password entered on the core. • Resolution: Unlock the service account on the Gateway, set a new password as needed, and re-enter the credentials on the core.

  13. Tips and Tricks • Outbound Connections • Activation • Checking for Gateway updates • Downloading Gateway updates • SMTP Traffic Port 25: Used to email logs and alerts from the Gateway to the configured email address. (optional) • Inbound Connections • Port 443: Core and Clients for LDMS usage • Port 80: On-demand remote control agent website access (Optional) • Port 22: SSH access. (Optional)

  14. Tips and Tricks • Activation • The Management Gateway must have port 80 and 443 access to license.landesk.com. Test with this command: telnet license.landesk.com 80 • The Management Gateway must be able to resolve “license.landesk.com”. There are two possible ways to configure this: • Configure the gateway to use a valid and working DNS server • Add “license.landesk.com” to the hosts file. • Note: The hosts file is regenerated whenever network settings are saved. So any manual changes can be overwritten.

  15. Tips and Tricks • Updating and Downloading • The Management Gateway must have port 80 access to the patch servers. • Patch.landesk.com • Patchec.landesk.com • Patchemea.landesk.com • The patch servers must be resolved by DNS or an entry in the hosts file is needed. • The patches can be detected using port 443 however, they are downloaded using port 80.

  16. Issues of note: • ISO build of the Gateway will run out of space. (debug.log issue) • http://kbwiki.landesk.com/gurunet/default.aspx?page=article&id=78565 • Troubleshooting Gateway Activation. • http://community.landesk.com/support/docs/DOC-2129 • Gateway VMWare Edition Information and issues. • http://kbwiki.landesk.com/gurunet/default.aspx?page=article&id=84310

  17. Walkthrough of the Broker Certificate Request Process

  18. Further Questions/Contact Information • Name: John Trafelet, PSE Console • Email: john.trafelet@landesk.com

More Related