I have two K1000 architecture question, would you please help on that! Thanks in advance!

 

 

 

1.       Scenario One:

 

K1000 Server: A.0.0.1

 

Client: C.0.0.2

 

Router: B.0.0.1 (outbound address) , C.0.0.1 (inbound address)

 

A.0.0.1 & B.0.0.1 can be connected well (two way)

 

 

 

Thus client machine can ping the K1000 Server because of the router.

 

K1000 Server can’t ping client since client machine’s address is an internal address.

 

 

 

In such environment, please help verify my guess is right or not:

 

·         Agent can be installed on the client machine and inventory information can be transferred to the K1000 server

 

·         K1000 server can’t assign task or distribute software to the client machine. Because, K1000 Server can never reach C.0.0.1, right?

 

 

 

2.       Scenario Two:

 

K1000 Server: A.0.0.1

 

Client: C.0.0.2

 

Router: B.0.0.1 (outbound address) , C.0.0.1 (inbound address)

 

Router can do NAT, thus C.0.0.2 can be mapped to B.0.0.2

 

A.0.0.1 & B.0.0.1 can be connected well (two way)

 

A.0.0.1 & B.0.0.2 can be connected well (two way)

 

 

 

Thus client machine can ping the K1000 server because of the router.

 

K1000 Server can ping B.0.0.2, thus ping the client machine due to NAT.

 

 

 

In such environment, please help verify my guess is right or not:

 

·         Still K1000 server can’t assign task or distribute software to the client machine. Because, agent gather the client machine IP address as C.0.0.2 and K1000 Server assign the task to the client based on the information agent provide, thus C.0.0.2, not B.0.0.2, right?

 

0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

1

I am almost certain that all functions would still work in both of the scenarios, actually (as long as the Windows firewall and file sharing settings are set correctly for that network connection).

The KACE server would show the public IP address that the client machine is using, and this allows the server to then contact the client machine also, as long as there is no port blocking going on with the router on the appropriate ports.

See this post for some information about having a public internet facing KACE server: http://itninja.com/question/kbox-in-the-dmz-best-practices

And this article about all of the ports required for the KACE server: http://www.kace.com/support/resources/kb/article/Which-network-ports-does-the-KACE-K1000-appliance-require-to-function?action=artikel&cat=1&id=589&artlang=en

Answered 04/20/2012 by: jaredv
Fourth Degree Green Belt

Please log in to comment
Answer this question or Comment on this question for clarity