Agents working behind a proxy #442
Comments
|
Personally I have experienced this exact behavior due to antivirus protection. |
|
Hi Subzdev, the computers i have tried this on are running Windows Server, and only Windows Defender. |
|
Have you made the recommended exclusions? |
|
I hadnt made the exclusions, but i just did it now, and no change, it still fails at the same point. However as I said, the agent is installed on my laptop and works fine on other networks, but wont connect to the server on these networks where there is a proxy. So there is some sort of network connectivity issue - I assume proxy, but I dont know for sure. |
|
i also just tried disabling Defender, it doesnt help |
|
I confirm that in my test site that performs HTTP and HTTPS browsing only with the non-transparent proxy server, the agent does not install and stops downloading and then immediately exits. If I remove the proxy and enable HTTP and HTTPS direct browsing and I enable outgoing port 4222 then the agent installs correctly. The test was performed with Windows 10 pro and opnsense as a firewall. I hope it will be useful. |
|
https://github.com/go-resty/resty#proxy-settings---client-as-well-as-at-request-level |
|
Yeah that looks perfect thanks |
|
ok I added the changes in the agent, will be in the next release. will update this ticket with a link to the docs when released |
|
Thanks that is great, look forward to testing it out, and I will let
you know how it goes
…On Tue, 2021-05-04 at 00:40 -0700, Dan wrote:
ok I added the changes in the agent, will be in the next release.
will update this ticket with a link to the docs when released
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Released in 0.6.7 Requires agent 1.5.4, see bottom of https://wh1te909.github.io/tacticalrmm/install_agent/#optional-installer-args for the Please try it out and lmk how it goes |
|
test win10pro HTTP and HTTPS via proxy, nat only icmp, dns and TCP Port 4222 (why this port??), TRMM v0.6.7, windows proxy configured and netsh winhttp proxy configured: internet browsing OK. Installation method: Dynamically generated EXE: `C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "http://192.168.128.254:8080" C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "https://192.168.128.254:8080" C:\Users\utente\Downloads>rmm-test128-reteesxi-workstation.exe -proxy "https://192.168.128.254:8081" Installation method: Manual: `C:\Users\utente\Downloads>winagent-v1.5.4.exe /VERYSILENT /SUPPRESSMSGBOXES && ping 127.0.0.1 -n 5 && "C:\Program Files\TacticalAgent\tacticalrmm.exe" -m install --api https://<aaa.bbb.ccc> --client-id 6 --site-id 6 --agent-type workstation --auth xxxxxxxxxxxxxxxxxxxxxxxx --rdp --ping -proxy "http://192.168.128.254:8080" Esecuzione di Ping 127.0.0.1 con 32 byte di dati: Statistiche Ping per 127.0.0.1: OK, agent and mesh installed on client, agent is on TRMM dashboard in correct Client/Site, but "Agent overdue" thanks |
|
Hi @AndreaChiaramonte thanks, I will release a new agent shortly with the proxy fix for agent overdue (forgot to set the proxy after the agent installs 🤦♂️ ) I will also fix the dynamic exe to use proxy, atm it only works with manual method |
|
Fixed in agent v1.5.5, please update your RMM to 0.6.8, uninstall old agent and then generate a new agent and try now |
|
Thank you @wh1te909 , now installation work, but is necessary outbound NAT of TCP port 4222, as in attached image in TRMM there are these problems: thank you |
|
@AndreaChiaramonte yes 4222 tcp is necessary for like 90% of the agent's functions lol so that needs to be open take control, terminal and file browser all use meshcentral and the mesh agent which is a separate product as a test can you try the following on the agent that needs the proxy? then right click on the agent from TRMM's web UI > Agent Recovery > Mesh Agent |
|
i have made some tests: i have created a file "C:\Program Files\Mesh Agent\MeshAgent.proxy" with one text line like 192.168.128.254:8080 i have restarted MeshAgent service and now work fine. |
|
@wh1te909 your solution works perfectly. |
|
@wh1te909 yes that is fantastic, it seems to work perfectly, after doing the reinstall of the meshagent, then the recover connection button. |
|
ok awesome, im adding the following code to the agent's installer, will be in next agent release. for now you'll need to manually uninstall/reinstall mesh and do the recover. meshInstallArgs := []string{"-fullinstall"}
if len(i.Proxy) > 0 {
meshProxy := fmt.Sprintf("--WebProxy=%s", i.Proxy)
meshInstallArgs = append(meshInstallArgs, meshProxy)
} |
|
fixed in rmm v0.6.9 (requires agent v1.5.6) |
Is your feature request related to a problem? Please describe.
I have 3 sites which are connected to the internet via a Squid proxy, via wpad. Unfortunately I cant remove the proxy.
When trying to install the agent on a host on these networks, it flashes up the installer screen, says "Downloading Agent..." for a few seconds, then goes away. Nothing else happens, and the agent doesn't install.
Describe the solution you'd like
Proxy support for the agent - either automatic based on system proxy settings, or a wpad address or host:port address embedded into the agent, customizable per site or agent deployment/file.
Describe alternatives you've considered
N/A
Additional context
N/A
Thank you for your consideration.
The text was updated successfully, but these errors were encountered: