Remote control via management gateway doesn't work - The client doesn't appear in the remote control list

Version 11

    Verified Product Versions

    LANDESK Management Suite 9.5LANDESK Management Suite 9.6LANDESK Management Suite 2016.x

    Environment

    LANDesk Cloud Services Appliance 4.2

    LANDesk Cloud Services Appliance 4.3

     

    Problem/Issue/Symptoms

     

    The managed nodes connected to the internet outside the Cloud Services Appliance are not remote controllable.

     

    The symptoms are the following:

     

    1) Right-clicking the device in the Management Console and selecting Remote control via management gateway makes the Remote Control enter in an endless Searching for a matching connection state as if the machine wasn't connected to the internet and to the Cloud Services Appliance.

     

    searching_for_a_matching_connection.png

     

     

    2) Opening the web interface of the Cloud Services Appliance and selecting Remote Control Agents doesn't show the clients connected to the internet outside the appliance

     

    remote_control_agents.png

     

    3) If you start the remote control viewer on the Core Server launching isscntr.exe, select the gateway mode and type gsb://<DNS name of the appliance> in the remote computer field, as long as your core server name, the remote clients are not displayed.

     

     

    start_connection.png

    Cause

     

    The most common reasons for this problem are the following.

     

    A. The Cloud Services Appliance is not communicating correctly with the Internet.

     

    B. The remote client doesn't have the necessary certificate to communicate with the appliance.


    C. A Cloud Services Appliance not directly connected to the internet, but with a firewall, a router, or any other device doing port address translation between the public IP address reachable by the remote clients and the Cloud Services Appliance. After upgrading the the LANDesk Management Suite to the 9.5 SP1 version, specifying the public IP address in the Gateway service section is needed.

     

    Solution

     

    Cause A


    1. From a device connected to the internet outside the appliance, verify the availability of the appliance opening its DNS name in a web browser either via http and https, for instance trying to reach http://csa.companyname.com and https://csa.companyname.com

    2. Verify the the TCP ports 80 and 443 are correctly opened between the appliance and the internet. The port 80 must be opened both ways, and 443 at least for the inbound traffic.
    3. Verify the list of the ports used by the LANDesk Management Suite here: Ports used by LANDESK Management Suite - Full List

     

    Cause B

     

    1. On the remote client, start BrokerConfig.exe and verify, in the Gateway information panel, that IP address and name of the appliance are correct

    2. In the Certificate request panel, verify that the note at the bottom of the window The client certificate is already present
    3. If the certificate is not present, type the credentials needed to retrieve a certificate from the core and click Send
    4. If the appliance information are not correct, redeploy the LANDesk agent on the client after having verified the Cloud Services Appliance on the Core

    5. To generally troubleshoot BrokerConfig issues: How To: Troubleshoot Brokerconfig and General Gateway Agent Issues.

     

    Cause C

     

    1. Open the Cloud Services Appliance Console

    2. Click on Gateway service

    3. In the Additional host names field, type the public internet IP address and the DNS name of your appliance, for example 154.168.134.21 ldcsa43.lab.com

    4. Save the configuration

    5. Remote control your systems via the appliance with one of the three methods listed in the symptoms section

     

     

    gateway_service_configuration.png

     

    Additional Areas To Look Into:

    Verify Gateway mode on the client: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Intel\LANDesk\WUSER32\Gateway    0=Use Direct, 1=Use CSA,

    Verify client .0 file is pointing to the correct CSA.

    Check Client remote settings to see if html or legacy are enabled.

    If none of these ideas help, please try a re-install of the client.