The "On-demand Remote Control for Windows" no longer works when downloaded from the CSA. I do not know if this is considered a known bug or just no longer supported.
However, if you create anew LANDesk agent for On-Demand Remote Control using the document found at http://community.landesk.com/support/docs/DOC-30443. This works for us.
Thank you very much for replying. I really do appreciate it. Hopefully I can pick your brain
Ok.. as for the "On-Demand Remote Control for Windows", this does work for us just fine. When I first try to click on the link I got a 404 error. I had to follow this document to resolve it:http://community.landesk.com/support/docs/DOC-29460
I plan on using the "On-Demand Remote Control for Windows" button to remote control devices w/o LANDesk agents on them.
I do have a few questions regarding the document you provided and your process.
- In your environment, do you have the CSA information baked into your normal Agent Configuration?
- Do you use that Custom Configuration for both devices with and without LANDesk Agent deployed on the device?
- If you want to remote control a device outside the LAN, does the user need to visit the CSA "Portal" page first and run the custom agent?
If you can help clarify, it would be greatly appreciated. My issue might be that I invision the CSA being used in a way it is was not meant to be.
I have identical symptoms to tkhowdee. CSA up and running and I can send inventory reports to the core from the Internet. But when I select the device in LDMS console and "Remote Control via managment gateway" and enter credentials I get endless loop "Searching for a matching connection"
Could anyone from Landesk please respond?
I finally got it resolved a week or so ago. I made 3 changes and now I am able to remote control devices outside our network via CSA.
1. Trusted Services - I had my appliance hardened to not allow HTTP (port 80). From what i found out, the remote clients talks on port 80. So allow Port 80. When connections are established, it goes to HTTPS (Security > Trusted Services)
2. Allowed Address - Make sure to allow 192.168.0.0/16. Most home users are on 192.x.x.x. So if you deny then, well.. they can't get in. I hope I am understanding this properly.
3. Additonal Host Name on Gateway services Page - Make sure to put the public IP for the CSA box, as well as the FQDN for the server.
I did all these changes at the same time, and I was able to sucessfully see and remote control devices outside my network.
I didn't have time to see which change was the exact fix, but well.. it works. Please report back and let us know if it works for you.
Still no go. I'd already done step 1 but tried 2 and 3.
Could I compare notes a bit? We are NAT only (no DMZ) and are using only eth0 on our CSA with a private IP address. The Cisco firewall port maps from this to a public address. Our SSL cert is working to the public domain address.
In LDMS console I have under "Manage Cloud Services Appliance"
CSA public name publichost.domain.com
CSA public IP address <public IP address> (I've also tried publichost.domain.com)
I've tried with and without checking "Use Internal address"
I must say the documentation on this product is spotty. There's oodles of doc's but you read through and come across references to old versions. I think we're on CSA 4.3 - just bought it couple months ago.
Stumped here. I might try loading 9.5sp2 but other than that Landesk wants $2000 to make one support call - ouch!
Hey.. $2000 for one support call? I'm in teh wrong business.. I will do it for $1000 I'm just messing.
Here is what I would suggest..
We are in DMZ, but we still have a FW. We basically have the same setup as you, but our device is in a protected DMZ. We are also using a single nic on the CSA.
Here is what I woudl confirm.
1. Verify that port 80 and 443 are actaully being forwarded to your CSA device from the firewall. Check that both the http: and https: lands on your CSA home page.
2. As for SSL Cert, we have not put a proper cert on it yet. We are still using teh self signed cert for now (we will move it to real cert later).
3. CSA Tab - I populated both the Public and Internal side:
- CSA Public Name - whatever name you have on your DNS
- CSA Public IP - the public IP Address for your CSA
- Password - well.. the password
- Checked Use Internal Address
- CSA Internal Name - FQDN for your AD
- Internal IP - the private IP Address
4. Agent Configuration - Just want to confirm. Did you make a new agent after building your CSA stuff? There are options to make sure the agent has the CSA information, and make sure to push it to your devices. Look at the "Client Connectivity" under the agent configuration. You need to make sure to configure the settings there for the endpoint devices.
5. Does remote control work from the on-demand / remote assistant client?
Hopefully that will work out. If you have any more questions.. i will only charge $800 this time What a savings!!
Either way.. best of luck. Let me know how it goes.
To be fair there was a mixup with our licensing and Landesk/IBM staff have graciously sorted out (thanks!). So I should be entitled to call for support after all. I think I'll do that to avoid the trial and error. Either way I'll let you know but as I'm bit swamped with work it may be next week. Thanks for your help Ton!