New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Agents working behind a proxy #442
Comments
Personally I have experienced this exact behavior due to antivirus protection. |
Hi Subzdev, the computers i have tried this on are running Windows Server, and only Windows Defender. |
Have you made the recommended exclusions? |
I hadnt made the exclusions, but i just did it now, and no change, it still fails at the same point. However as I said, the agent is installed on my laptop and works fine on other networks, but wont connect to the server on these networks where there is a proxy. So there is some sort of network connectivity issue - I assume proxy, but I dont know for sure. |
i also just tried disabling Defender, it doesnt help |
I confirm that in my test site that performs HTTP and HTTPS browsing only with the non-transparent proxy server, the agent does not install and stops downloading and then immediately exits. If I remove the proxy and enable HTTP and HTTPS direct browsing and I enable outgoing port 4222 then the agent installs correctly. The test was performed with Windows 10 pro and opnsense as a firewall. I hope it will be useful. |
https://github.com/go-resty/resty#proxy-settings---client-as-well-as-at-request-level |
Yeah that looks perfect thanks |
ok I added the changes in the agent, will be in the next release. will update this ticket with a link to the docs when released |
Thanks that is great, look forward to testing it out, and I will let
you know how it goes
…On Tue, 2021-05-04 at 00:40 -0700, Dan wrote:
ok I added the changes in the agent, will be in the next release.
will update this ticket with a link to the docs when released
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
Released in 0.6.7 Requires agent 1.5.4, see bottom of https://wh1te909.github.io/tacticalrmm/install_agent/#optional-installer-args for the Please try it out and lmk how it goes |
test win10pro HTTP and HTTPS via proxy, nat only icmp, dns and TCP Port 4222 (why this port??), TRMM v0.6.7, windows proxy configured and netsh winhttp proxy configured: internet browsing OK. Installation method: Dynamically generated EXE: `C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "http://192.168.128.254:8080" C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "https://192.168.128.254:8080" C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "https://192.168.128.254:8081" Installation method: Manual: `C:\Users\utente\Downloads>winagent-v1.5.4.exe /VERYSILENT /SUPPRESSMSGBOXES && ping 127.0.0.1 -n 5 && "C:\Program Files\TacticalAgent\tacticalrmm.exe" -m install --api https://<aaa.bbb.ccc> --client-id 6 --site-id 6 --agent-type workstation --auth xxxxxxxxxxxxxxxxxxxxxxxx --rdp --ping -proxy "http://192.168.128.254:8080" Esecuzione di Ping 127.0.0.1 con 32 byte di dati: Statistiche Ping per 127.0.0.1: OK, agent and mesh installed on client, agent is on TRMM dashboard in correct Client/Site, but "Agent overdue" thanks |
Hi @AndreaChiaramonte thanks, I will release a new agent shortly with the proxy fix for agent overdue (forgot to set the proxy after the agent installs 🤦♂️ ) I will also fix the dynamic exe to use proxy, atm it only works with manual method |
Fixed in agent v1.5.5, please update your RMM to 0.6.8, uninstall old agent and then generate a new agent and try now |
Thank you @wh1te909 , now installation work, but is necessary outbound NAT of TCP port 4222, as in attached image in TRMM there are these problems: thank you |
@AndreaChiaramonte yes 4222 tcp is necessary for like 90% of the agent's functions lol so that needs to be open take control, terminal and file browser all use meshcentral and the mesh agent which is a separate product as a test can you try the following on the agent that needs the proxy?
then right click on the agent from TRMM's web UI > Agent Recovery > Mesh Agent |
i have made some tests: i have created a file "C:\Program Files\Mesh Agent\MeshAgent.proxy" with one text line like 192.168.128.254:8080 i have restarted MeshAgent service and now work fine. |
@wh1te909 your solution works perfectly. |
@wh1te909 yes that is fantastic, it seems to work perfectly, after doing the reinstall of the meshagent, then the recover connection button. |
ok awesome, im adding the following code to the agent's installer, will be in next agent release. for now you'll need to manually uninstall/reinstall mesh and do the recover. meshInstallArgs := []string{"-fullinstall"}
if len(i.Proxy) > 0 {
meshProxy := fmt.Sprintf("--WebProxy=%s", i.Proxy)
meshInstallArgs = append(meshInstallArgs, meshProxy)
} |
fixed in rmm v0.6.9 (requires agent v1.5.6) |
Is your feature request related to a problem? Please describe.
I have 3 sites which are connected to the internet via a Squid proxy, via wpad. Unfortunately I cant remove the proxy.
When trying to install the agent on a host on these networks, it flashes up the installer screen, says "Downloading Agent..." for a few seconds, then goes away. Nothing else happens, and the agent doesn't install.
Describe the solution you'd like
Proxy support for the agent - either automatic based on system proxy settings, or a wpad address or host:port address embedded into the agent, customizable per site or agent deployment/file.
Describe alternatives you've considered
N/A
Additional context
N/A
Thank you for your consideration.
The text was updated successfully, but these errors were encountered: