Description
The Cloud Services Appliance ( CSA ) / Management Gateway must have communication to the following locations:
- Device on the public Internet.
- Agents connect from the Internet.
- Gateway connects to the LANDesk Activation Servers.
- Gateway connect to the LANDesk Update Servers.
- Agents connect from the Internet.
- The Core Server connects to the Cloud Services Appliance ( CSA ) / Management Gateway with a Secure Connection on port 443.
- Management connections, usually from the IT Adminsitrators' workstation to the Cloud Services Appliance ( CSA ) / Management Gateway.
- The Cloud Services Appliance ( CSA ) / Management Gateway can send out administrative emails.
Port 443 is the only required port for full functionality
Cloud Services Appliance ( CSA ) / Management Gateway to / from the Internet
HTTP (TCP Port 80)
- Incoming - Workstations on the internet connect to download tools such as the Remote Control Viewer and the On-demand Remote Control Agent. (this is optional and can also be done over 443)
- Outgoing - Cloud Services Appliance ( CSA ) / Management Gateway updates and activation. (This can be narrowed down to just connect to license.landesk.com and patch.landesk.com on 80 via external firewall rule)
HTTPS (TCP Port 443)
- Incoming - Agent workstations connect from anywhere on the internet.
- Outgoing - Management Gateway updates and activation. (This can be narrowed down to just connect to license.landesk.com and patch.landesk.com on 443 via external firewall rule)
DNS (TCP and UDP Port 53)
Note: This is not required for functionality as host entries can be made manually as well
- Outgoing -DNS should only be required for resolving the activation server for online activation and for resolving the update servers for downloading and applying updates.
- This may also be used to resolve the Core Server name.
DNS (UDP Port 53)
Note: This is not required for functionality as host entries can be made manually as well
- Outgoing -DNS should only be required for resolving the activation server for online activation and for resolving the update servers for downloading and applying updates.
Note: The hosts file can be configured with addresses for the Core Server, Activation Servers, and Update Servers. See this article for more information:The Management Gateway Appliance Now Allows for Adding Host Entries to /etc/hosts through the Web Interface
Core Server to/from the Gateway
HTTPS (TCP Port 443)
- Incoming - The Core Server establishes secure connections to the Management Gateway.
Management connections
SSH (TCP Port 22)
- Incoming -SSH is only required for allowing remote administration and/or troubleshooting. This is not required for functionality
HTTP (TCP Port 80)
- Incoming - For access to the web interface allowing remote administration. (this is optional and can also be done over 443)
- Incoming - Other local workstations may connect to download tools such as the Remote Control Viewer and the On-demand Remote Control Agent.(this is optional and can also be done over 443)
Gateway to a Desired Mail Server
SMTP (TCP Port 25)
Note: This is not required for functionality
- Outgoing - SMTP is only required for sending administrative emails to the email address configured to receive such alerts.
