Kaseya Community

Problems with Kaseya Agents on Untangle

  • Hello Everyone,

    Currently we use ISA for our office, and have no problems with Kaseya BUDR/Agents. We are attempting to do a switch to Untangle as our primary firewall, and during the switch we found that no agent checked in. We confirmed that we have port 5721/80/443 open inbound and outbound, and destined to the appropriate server. Both TCP and UDP are enabled for port 5721.

    Anyone have experience with configuring an Untangle box for Kaseya? We are able to access Kaseya, this simply seems to be an Agent specific issue.

    Thanks.

    Legacy Forum Name: Problems with Kaseya Agents on Untangle,
    Legacy Posted By Username: darrylb
  • Question: What do you have as the primary and secondary K server address for the clients? Is it a host name, or an IP address?

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: boudj
  • Primary uses the hostname, secondary uses the IP.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb
  • Interesting... try and telnet into port 5721 from your client system using both settings.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: boudj
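The telnet test suggested above can be scripted so that each attempt is classified instead of just succeeding or hanging. This is an added example, not part of the original thread; `kserver.example.com` and `192.0.2.10` are placeholders for the agents' primary (hostname) and secondary (IP) server settings.

```python
import errno
import socket

# Ports named in the thread: 5721 (agent check-in), 80 and 443 (web access).
KASEYA_PORTS = (5721, 80, 443)


def probe(host, port, timeout=3.0):
    """Classify one TCP connection attempt.

    "open"        handshake completed, something is listening
    "refused"     a reset came back: the path works, but nothing listens
                  there or a device actively rejects the connection
    "timeout"     no reply at all, typical of a silent drop or missing route
    "unreachable" the local stack or a router reported no route to the host
    "dns-failure" the name did not resolve (hostname targets only)
    """
    try:
        infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns-failure"
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect(infos[0][4])
        return "open"
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error: " + str(exc)
    finally:
        sock.close()


def check_targets(targets, ports=KASEYA_PORTS, timeout=3.0):
    """Probe every (target, port) pair and return {(target, port): result}."""
    return {(t, p): probe(t, p, timeout) for t in targets for p in ports}


if __name__ == "__main__":
    # Placeholder targets: substitute the primary and secondary server settings.
    results = check_targets(["kserver.example.com", "192.0.2.10"])
    for (target, port), result in results.items():
        print(f"{target}:{port} -> {result}")
```

A "timeout" for both the hostname and the IP points at filtering or routing between the client and the server, while "dns-failure" on the hostname alone points at name resolution.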
  • It does not work. That was one of the first things that was tested. I believe the firewall is not routing this traffic, but I can't be completely sure.

    We ended up removing the Untangle and going back to the ISA temporarily.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb
  • I would think it's the firewall. Unfortunately, I do not work with Untangle so I have no good advice on how to allow this traffic through it.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: boudj
  • That is what my guess is. I am pretty good with ISA and other firewalls, but I think I am probably missing a selection on the Untangle box. Still learning the systems!

    Thanks for your attempt!

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb
  • We use Untangle in front of Kaseya. A couple of things you need to ensure you configure.

    1) Forwarders, unless your internal IP address is a public address you will need to forward 5781,80,443 to the internal address.
    2) Packet Filters, Untangle blocks everything inbound by default regardless of whether you have the firewall application installed. Under config -> Network --> Advanced -> Packet Filters you will need to add the above ports. Because of the Packet Filters, you won't even see things hit the firewall application and therefore do not show up in the firewall event log.
    3) You will have to add the rules in the firewall event log. Try turning this off first to confirm if that section is the problem.

    Note: These are all TCP and you do not need UDP.

    All other features that we have used with Untangle (e.g. intrusion, spyware, etc.) have not caused any problems for Kaseya.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: doug.jenkins@ispire.ca
  • I can almost guarantee the issue is #2!

    Thanks. We had the forwarders set up, and the firewall set to off at this moment for diagnostic purposes. I will test this out either today or Monday and let you know.

    Greatly appreciated.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb
  • Well, sadly that did not help in our problem. It was a great idea though.

    I did research this a bit further and found that without packet filtering being modified, we still had email and other items operating fine. Untangle documentation states that it does not recommend the use of Packet Filtering either, as they suggest the use of the firewall addon.

    Not quite sure where to go from here, but I am going to keep going at it.

    Thanks

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb
  • I booted up our Untangle box setup we used. We had multiple IPs so we used the 1-to-1 redirection for a secondary IP and routed it straight to the internal NAT'd IP.

    Ex:
    External IP -> Internal IP
    22.22.22.22 -> 10.10.10.1

    We also changed the SSL port of the Untangle box itself to something other than 443.

    All ports except 5721, 80 and 443 were closed which ended up being a pain in the ass because things like FTP use tons of ports. So we ended up leaving the firewall 'open' and relying on the other protection like Intrusion Prevention and the Attack Blocker to keep everything secure.

    Basic Setup was as follows:

    Config -> Networking -> Interfaces -> External
    We insert all our extra allocated IP addresses in the IP Address Alias section

    then go to Port Forwards

    Name
    Kaseya Agents
    Protocol -> TCP | UDP
    Destination Address -> External IP Alias from above
    Destination port -> 5721
    Forward traffic to following location
    New Destination -> Internal NAT'd IP
    New Port -> 5721

    Name
    Kaseya SSL
    Everything Same as above except port is 443 instead of 5721

    Name
    Kaseya Web
    Again everything same but replace the port with 80


    At the time nothing else was changed in regards to any of the advanced packet filtering or anything.

    Edit: If you don't have separate IPs try replacing the "Destination Address" above with "Destined Local" and see if that works. The port forwarding area on Untangle makes little sense and it is confusing if you are new to it. Some things are backwards when you start putting the rules together.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: CeruleanBlue
  • We use Untangle and manage it via Kaseya with no problems.

    We have multiple public IPs and have one dedicated IP for our Kaseya server.

    We have had no problem with it and would gladly help you get set up.

    Do you have a dedicated IP for Kaseya? If so have you added the public IP to the external interface on Untangle?

    Have you then set up NAT on the internal interface that goes to the network that your Kaseya server is on?

    Then have you set up Port Forwarding on that internal interface to go back to the real world IP?

    Finally if you are using SSL and you are on Untangle 6.01 or greater then go to Advanced mode and on the General menu make sure you uncheck Untangle Administration overrides port forwards (this is on by default). Then you can leave Untangle admin SSL on port 443 also (if it is on a different IP).

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: Mark Shehan
  • We figured out what the problem was, and it was completely dumb.

    Found that the issue was related to the netmask that was entered. But no worries! I am wearing my dunce cap!

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: darrylb