To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Ports beeing used by Policy Manager Proxy 13

Rob-K
Rob-K Posts: 33 Junior Protector

Hi,

 

I've just rolled out the new Policy Manager Proxy 13

On the servers I've used there is a WSUS and a Baramundi DIP installed, so i've changed the default communication ports for the PMP13 ... http = 8080 and https = 8443

 

in the PM Config for the FS Agent for auomatic Updates I have put these settings:

 

Prio 10

address: http://policyproxyserver.mydomain.local:8080

HTTPS Port: 8443

 

is it correct to enter the http address with port number or should there be only the fqdn?

 

as far as I have seen - installation files for FSCS are beeing cached under \management server 5\data\installation-packages. Fine - clients get the installation file from the proxy

 

When I access http://policyproxyserver.mydomain.local:8080 I get the small status site, but when I try to check the version the system is creating this link here:

 

https://policyproxyserver.mydomain.local:8080/fsms/fsmsh.dll?FSMSCommand=GetVersion

 

when I change the 8080 to 8443 all works ...

 

My fault or FS?

Comments

  • A_Grinkevitch
    A_Grinkevitch Staff Posts: 169 Threat Terminator

    Hi Robert,

     

    Indeed, there is an issue at this point. When you open http://policyproxyserver.mydomain.local:8080, PMP transprantly forwards request to the Master PM and it serves the page. PMP connects to PM via HTTPS, thus request comes to the Policy Manager’s HTTPS host interface and all links on the page are HTTPS ones even though you requested PMP page via plain HTTP.

    In case you open https://policyproxyserver.mydomain.local:8443 (via HTTPS) from the very beginning, you get correct links.

     

  • Rob-K
    Rob-K Posts: 33 Junior Protector

    so coming back to the policy settings ...

     

    Prio 10

    address: http://policyproxyserver.mydomain.local:8080

    HTTPS Port: 8443

     

    ist there the need to specify http://fqdn:8080 or is it ok to set only the fqdn without http and portwhen the communication is over https (Port 443 or in my case 8443)?

  • A_Grinkevitch
    A_Grinkevitch Staff Posts: 169 Threat Terminator

    Hello Robert,

     

    Yes, you must specify HTTP port in the address if you are using non-default one as plain HTTP is still used for DB updates in Windows clients and all traffic in Linux end-point software.

     

    Alexander

This discussion has been closed.

Categories