One of the things that sold us on purchasing the kace 1000 appliance was the ability for out of band management. The only problem is I've yet to figure out how to get machines to checking when not on the company network. Is there a firewall rule that needs to be in place on the local machine's? We've set up a rule on our Sonic Wall, but machines are still not checking in over the WEB.
0 Comments   [ + ] Show Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.


You need a public DNS record to resolve your KBOX's name to your company's public IP. Your firewall then needs to properly route the traffic for that port (80 or 443, depending on whether you are using SSL) to the KBOX. If your KBOX name is, then you not only need the internal resolution of that name, but external. If a domain machine is sitting at a Starbucks, it is still trying to get to - so that's why you need the public DNS record to resolve that name to your company's front door.
Answered 05/25/2011 by: airwolf
Tenth Degree Black Belt

Please log in to comment
Note that Andy meant port 80 above; and your clients need to be deployed to use the FQDN (, not just "kbox". Once you move your K1 into the DMZ it will likely become attractive to enable SSL. Please do this carefully- do not disable port 80 too quickly, and use a certificate issued to your appliance by a primary root authority (Like Thawte, Verisign, Comodo, etc.); DO NOT use secondary authorty (, etc.), self-signed, domain, or wildcard certs. These will not work and may "brick" the appliance. Recommend contacting support before implementing your action plan to verify your risk level.
Answered 05/25/2011 by: cblake
Red Belt

  • There is no issue using a SSL certificate from Godaddy or wild card certificates.
    Look at It's using a wild card certificate from GoDaddy
Please log in to comment
Answer this question or Comment on this question for clarity