/build/static/layout/Breadcrumb_cap_w.png
07/12/2019 405 views

Hey all, 


I just recently migrated our K1000 from and old R610 to a newer R430 box. I know, we're behind the times not using a virutal box. 


After the migration everything went really smoothly until today when we went to push patches. Now everything is spitting a handshake error, and when I go to download patch signatures they are failing. 


The patch download log is as follows 





So it looks like it is having a tough time reaching service.kace.com? I was wondering if this is a setting on the kbox or with our internal network. Currently the settings for SSL on kace is port 80 access is enabled, but SSL is not enabled. Would I need to enable that since it's port 443? Also, if I do why wouldn't this migrate with the rest of the setting on the K1000? Or should I reach out to our networking dept to look into this, as the IP address for our box did change post migration. 


Thanks for any help. 

Answer Summary:
0 Comments   [ + ] Show comments

Comments


Answer Chosen by the Author

3

Make sure your license doesn't show as expired or maybe you are getting a Patch Subscription expired message in the Patch Download Section or the Patch Download Log, if not then...

I'm 99% convinced, that's a Firewall issue, read this:
https://support.quest.com/kace-systems-management-appliance/kb/128188/kace-sma-appliance-fails-to-download-patches-items-to-check

Even if you have the same name and IP for the new BOX, there  are firewalls who can filter or target MAC Addresses, so your new MAC Address is being blocked.


Also, check this:
https://support.quest.com/kace-systems-management-appliance/kb/111775/which-network-ports-and-urls-are-required-for-the-kace-k1000-appliance-to-function-

The Appliance has a built in cURL test tool, Go to Settings › Support › Diagnostic Utilities, select the CURL Test from the dropdown menu, and type https://service.kace.com , and click RUN NOW.

The output should look like this:


If not, then something in between the KACE SMA and the outside world is blocking it.



Answered 07/12/2019 by: Channeler
Red Belt

  • Channeler,

    I was actually forced to use a new IP after migration. Turns out there was no public IP set for the new address.

    Networking team added it, and it looks like patches are coming in again.

    Thanks for the extremely informative post!