Kaseya Community

New Firewall / Public Static IP - How To Regain Access From The Outside

This question is answered

I inherited Kaseya when I started with the company a couple months ago. I recently updated our firewall and switched our internet service which in turn gaveme a new public static IP. The server for Kaseya was never changed and has always been the same. I took the port forwards from the old firewall and put them into the new firewall but I still cannot gain access to Kaseya outside the local network. I read an article saying that you may need to change your IIS settings for Kaseya but I went into there and see nothing showing the old public status IP address. I am at a loss as to where to go from here.  Not sure exactly that the edition is but I know at log in it says Kaseya Enterprise Edition 9.2.04 if that helps at all. The new firewall is a Sonicwall NSA 2600. Thanks.  

Verified Answer
  • @BluePoet  Offhand I'm going to say you'll need to verify the setup in the sonicwall.  I'm going to send you a PM separately with exactly why I think so.

    Well I was going to... But the messaging system here appears completely borked at the moment :(



    No PM's for you.
    [edited by: Jonathan at 11:33 AM (GMT -7) on Jun 28, 2017]
All Replies
  • If you have the port forwards/NAT all setup correctly (by default 443 and 5721), then the only other thing you need to mess with is under Server Management->Configure  Where it has the "External Name/IP Address" of the server.  

    The generally accepted standard there would be to use a hostname, and then you simply change the DNS record associated with that hostname to your new IP.



    Ooops failed to mark it as an answer.
    [edited by: Jonathan at 7:35 AM (GMT -7) on Jun 28, 2017]
  • I see the Server Management and the external name / IP. Currently its set for the local PC IP address. Which when I saw that I questioned as to why. Normally we go to kaseya.company.com to get to the website. Should I change this to that name or leave it the way it is. IP of the server never changed, just the firewall and our public static IP address.

  • Ah, if you go to kaseya.company.com to get to it, that suggests a possible DNS issue.

    Check your local DNS zone if you have one for company.com and make sure the IP address has been updated for the kaseya record, also check your domain name registrar DNS and make sure that entry has been updated with the new IP.

  • Did you change DNS for the new public IP?  If not kaseya.company.com is still pointing to the old address and that is why you cannot connect to it externally......I suspect your internal DNS points that FQDN to the internal IP and that is whay you can get to it internally.

    The "external name" setting should be the name or IP that you want agents to use when checking in.  Typically this would be your FQDN (i.e. kaseya.company.com) but if you are only managing internal systems, the internal IP should work as well.

    Anyway, you haven;t mentioned updating your external DNS, so that is my best guess as to where your issue lies

  • I will check the DNS records to see if something is missing there. I did make sure its pointing to the right server IP address for the server but didnt change anything else out. Is there another way to access Kaseya externally besides the kaseya.company.com? I would be tempted to try that to see if I am successful or not.

  • Again assuming that you have your NAT and firewall rules correct in the sonicwall (I always recommend using the public server wizard personally), you should simply be able to go to https://public.ip.address.here

    assuming that you have it using a secure certificate, and then click through the certificate warning that you should see, and it should work.

  • @BluePoet  Offhand I'm going to say you'll need to verify the setup in the sonicwall.  I'm going to send you a PM separately with exactly why I think so.

    Well I was going to... But the messaging system here appears completely borked at the moment :(



    No PM's for you.
    [edited by: Jonathan at 11:33 AM (GMT -7) on Jun 28, 2017]
  • @Jonathan Sounds good. I will look for your email. I tried the public wizard and that didn't seem to work so I then tried to do it manually and that did work as well. I did a port forward lookup tool and it says that the ports are open. Look forward to your message to see what you have to say. :)

  • @Jonathan is amazing. Got it resolved. Thank you everyone for your help. Now to resolve two more issues.  The joy of changing things.

  • So what was it?  Don't leave us just hanging here :-)

  • :) I had the sonicwall setup correctly, I had the server setup correctly. There was an external DNS server that was routing to the wrong location. Being new to the position and no documentation here on what services we have, didn't know we have one. One the settings were changed there, it's working like a charm.