Kaseya Community

Changing kaseya check-in port

  • Hello,

    We have some problems with the standard outbound port used by Kaseya Client 5721. Some customers of us have closed this port in their proxys and firewalls. Is there any problem if we use for check-in port the port TCP 80? Has anybody the experience of using this port?

    Kind regards,

    Txema Taboas


    Legacy Forum Name: Changing kaseya check-in port,
    Legacy Posted By Username: Txema Taboas
  • I would not recommend using port 80. Since this is the same port that Kaseya uses in IIS this can cause some issues. Now you can go into the IIS default server and change the port of the Kaseya portal but again, this is something I dont recommend.

    What I would do is if you dont use 443 for your Kaseya server (non-SSL enabled website) I would change it to 443. Since 443 is a common port you shouldnt have any issues with this port notbeing allowed through.

    God Bless,

    Marty


    Legacy Forum Name: Server,
    Legacy Posted By Username: MissingLink
  • Also be very careful if your server is multi-homed. Our data centre server is like this and the KServer service binds to the nominated port on all interfaces.

    We had this exact same issue as you and I wanted the option to run over port 80.

    Only solution we came up with (but haven't tested) was to use a firewall to do port translation from port 80 externally to 5721 internally.

    I believe the agent also has/had problems connecting through a proxy server, so if all outbound port 80 traffic goes through a proxy, you may have issues there.

    Are the customers against opening up the Kaseya port outbound? For customer sites, we didn't see a major problem. Biggest issue was going to be hotels, airports etc.

    gordon


    Legacy Forum Name: Server,
    Legacy Posted By Username: gordonc
  • I will follow your recommendations to avoid problems. My biggest problem is with airports, hotels, ... and with customers with little IT knowledge to open this outbound port.

    Thank you!


    Legacy Forum Name: Server,
    Legacy Posted By Username: Txema Taboas
  • Hello Xtema,

    Also be carefull with some kind of routers/firewall. Some of them have the "ability" to detect if traffic through port 80 is effectively HTTP traffic, and if not, they discard those packets (this is implemented to avoid some kind of external attacks).

    My experience is that is more efective to open / change the customer firewall settings than going on with port 80 on your Kserver.
    Regards,

    Angel.


    Legacy Forum Name: Server,
    Legacy Posted By Username: angel.amores