KS-Soft. Network Management Solutions
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister    ProfileProfile    Log inLog in 

Active Agent Allow Remote Management - TCP Sessions

 
Post new topic   Reply to topic    KS-Soft Forum Index -> Wish list
View previous topic :: View next topic  
Author Message
seelye



Joined: 17 Sep 2005
Posts: 40
Location: USA

PostPosted: Mon Jan 15, 2018 10:46 am    Post subject: Active Agent Allow Remote Management - TCP Sessions Reply with quote

We have our Active RMAs setup to use port 5056/tcp for the HM Connection and 5057/tcp for the "Allow remote Management" option.

As we have been adjusting our firewall logging for better compliance we are seeing a huge number of TCP Connection Reject messages.

We traced this down to the fact that when the RMA Manager client is not running on our HM server, there is nothing listening for a connection on 5057/tcp. This makes sense but the Active Agents are very persistent and causing a huge number of log entries.

We don’t really have the option to leave the HM Server logged on just to keep the RMA Manager running. So I'm curious if you would consider modifying the Active Agent in one of the following manners (or something similar).

1) Have the Active Agent check for the RMA Manager less frequently? Once ever X minutes and give us the option to define that interval.

2) Or more ideal have the Active Agent accept a command from HM that would turn on/off Remote Management. Then we could turn ON Remote Management via a HM test via the already established 5056/tcp connection. This way 5057/tcp would remain quiet until needed. Perhaps similar to the PING rma itself we could have another PING rma remotemanage_on and PING rma remotemanage_off could be triggers to allow this kind of management toggle.

3) Or the most ideal, proxy the RMA Manager through HM’s existing connection to the RMA Agents. Yes I know this would likely be the hardest rewrite, but perhaps the cleanest in the long run.

Or do you have another creative solution. And no, I cannot filter out these annoyance logs from our firewall.

Do you think this modification is possible?


Last edited by seelye on Mon Jan 15, 2018 12:02 pm; edited 1 time in total
Back to top
View user's profile Send private message
seelye



Joined: 17 Sep 2005
Posts: 40
Location: USA

PostPosted: Mon Jan 15, 2018 10:48 am    Post subject: Reply with quote

Oh and OOPS! I'm running HM v10.70 with RMA v5.42

I haven't scheduled our 11.x upgrade yet.
Back to top
View user's profile Send private message
KS-Soft



Joined: 03 Apr 2002
Posts: 12790
Location: USA

PostPosted: Mon Jan 15, 2018 12:52 pm    Post subject: Reply with quote

Actually #1 and #2 implemented many years ago
(well #2 works differently: RMA Manager signals HostMonitor, HostMonitor sends special command to all Active RMA agents and agents connect to RMA Manager immediately)

But function#2 does not work when HostMonitor running as service on Windows 7 or newer; item #1 does not have much sense without #2.
We will check how we can fix this on modern Windows...

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
seelye



Joined: 17 Sep 2005
Posts: 40
Location: USA

PostPosted: Tue Jan 16, 2018 8:00 am    Post subject: Reply with quote

I'm running HM on Windows Server 2008 R2 but the agents are all over the place. The RMA is typically on Windows 2008 R2 or higher with only a few Windows 7.

And yes in all cases these are running as services.

Glad to know some functionality is there. Hopefully it makes it easier to implement on the new OS's.

Thanks again.
Back to top
View user's profile Send private message
KS-Soft



Joined: 03 Apr 2002
Posts: 12790
Location: USA

PostPosted: Tue Jan 16, 2018 12:19 pm    Post subject: Reply with quote

Will be implemented in version 11.08, probably next week

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
seelye



Joined: 17 Sep 2005
Posts: 40
Location: USA

PostPosted: Tue Jan 16, 2018 1:47 pm    Post subject: Reply with quote

Thank you. You have an awesome product with awesome support as usual.
Back to top
View user's profile Send private message
KS-Soft



Joined: 03 Apr 2002
Posts: 12790
Location: USA

PostPosted: Mon Jan 29, 2018 10:37 am    Post subject: Reply with quote

If you updated HostMonitor and RMA Manager to latest version, then you may modify Active RMA settings - you need to modify rma.ini file.
Please send request to support@ks-soft.net

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    KS-Soft Forum Index -> Wish list All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

KS-Soft Forum Index