ports need open? firewall setting

ports need open? firewall setting

We have older devices on Ver15 and communicate using sha1 certs

Now we have newer devices Android 10 that need sha2 certs

Soti says I need a second server that uses same database on 1st server but uses the sha2 certs

 

So I built a server2 but can't connect to server's one database without turning off the firewalls which I don't want to do

 

can someone point me on what ports I need open for the second server to connect to the first server's database

4 Answers

Order By:   Standard | Newest | Votes
larry | posted this 02 February 2021

I checked those ports and they were ok on mine, good to know

  • 0
  • 0
larry | posted this 02 February 2021

that work by placing those IPs in my firewall

Thanks

  • 0
  • 0
Marcus Breitenthaler | posted this 02 February 2021

HI Larry,

 

i have the Same Problem.

First as Raymond wrote is to add (BUY) to your existing License an second Server.

When Done Update you License in MobiControl.

I have Raised an Ticket to assist with the setup, but it is Quite Simple. (Have only installed the Deployment Server with the Services)

That the Main MobiControl Server and the Second MobiControl Server can comunicate i have add an Firewall Rule in the Local Firewall on booth Servers.

Go to "Windows Firewall with Advanced Decurety"  -> Inbound Rules -> New Rule -> Custom ->  All Programs -> Protocol Type "Any" -> Add the IP Adress at "Which remote IP Adress does this rule apply to?" in the field "These IP Adresses" from the opposit MobiControl Server  -> Allow Connection -> i have only allow the "Domain" Rule to Apply.

When you have set that on booth Server ithey should be able to connect during the Setup on the new Deployment Server :)

 

The Second Problem is that who would you like to route the SHA1 Devices over the Main Deployment Server or over the New one ?

In My case i will Route the SHA1 Devices over the New Server and when all Devices are Having the Certificate from the New Server i can Change the Main Server Certificate to SHA2. That depends how many Devices you want to reenroll when you do the Swtich to fast.

And what you need for your Android 10 Devices to enroll them without an "SSL..." Error is an Certificate for the Server. I have used the Certificate what i have generated for the "WebC Console" that the Webside is Trusted in the Browser.

That i have imported at the Root Certificates, theni it was easier to order not an additional Certificate for the Second Server ....

If you change any on the Certificate don´t forget to "Update Enrollment Profile" ....

 

Hope thats help a little bit and was not confusing ;)

 

  • 1
  • 0
Raymond Chan | posted this 02 February 2021

Have you bought your second MobiControl Deployment Server license?

 

Just for accessing the MS SQL server, you at least need ports 1433 and 443. I believe your bigger problem with your firewall set-up is probably for your second deployment server.

 

  • 1
  • 0

Give us your feedback
Give us your feedback
Feedback