The managed nodes connected to the internet outside the Cloud Services Appliance can not being remote controlled.
The symptoms are the following:
- Opening the web interface of the Cloud Services Appliance and selecting Remote Control Agents doesn't show the clients connected to the internet outside the appliance.
If you start the remote control viewer on the Core Server launching isscntr.exe, select the gateway mode and type gsb://<DNS name of the appliance> in the remote computer field, as long as your core server name, the remote clients are not displayed.
The most common reasons for this problem are the following.
- The Cloud Services Appliance is not communicating correctly with the Internet.
- The remote client doesn't have the necessary certificate to communicate with the appliance.
- A Cloud Services Appliance not directly connected to the internet, but with a firewall, a router, or any other device doing port address translation between the public IP address reachable by the remote clients and the Cloud Services Appliance. After upgrading the the LANDesk Management Suite to the 9.5 SP1 version, specifying the public IP address in the Gateway service section is needed.
- From a device connected to the internet outside the appliance, verify the availability of the appliance opening its DNS name in a web browser either via http and https, for instance trying to reach http://csa.companyname.com and https://csa.companyname.com
- Verify the the TCP ports 80 and 443 are correctly opened between the appliance and the internet. The port 80 must be opened both ways, and 443 at least for the inbound traffic.
- Verify the list of the ports used by the LANDesk Management Suite here: About Ports used by Ivanti Endpoint Manager ( EPM ) / LANDESK Management Suite ( LDMS ) - full list
- On the remote client, start BrokerConfig.exe and verify, in the Gateway information panel, that IP address and name of the appliance are correct
- In the Certificate request panel, verify that the note at the bottom of the window The client certificate is already present
- If the certificate is not present, type the credentials needed to retrieve a certificate from the core and click Send
- If the appliance information are not correct, redeploy the LANDesk agent on the client after having verified the Cloud Services Appliance on the Core
- To generally troubleshoot BrokerConfig issues: How To: Troubleshoot Brokerconfig and General Gateway Agent Issues.
- Open the Cloud Services Appliance Console
- Click on Gateway service
- In the Additional host names field, type the public internet IP address and the DNS name of your appliance, for example 22.214.171.124 ldcsa43.lab.com
- Save the configuration
- Remote control your systems via the appliance with one of the three methods listed in the symptoms section
Additional Areas To Look Into:
- Verify Gateway mode on the client: "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Intel\LANDesk\WUSER32\Gateway " 0=Use Direct, 1=Use CSA,
- Verify client .0 file is pointing to the correct CSA. Check Client remote settings to see if HTML or legacy are enabled. If none of these ideas help, please try a re-install of the client.