Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » computing » security » msp_rmm_site_concentrator
Trace: msp_rmm_site_concentrator
computing:security:msp_rmm_site_concentrator

Table of Contents

MSP RMM - Site Concentrator

MSP Remote Monitoring & Management has a feature called a Site Concentrator that provides a central download point for updates:

  1. The designated Site Concentrator server downloads all updates
  2. The other machines in the site get their updates from the Site Concentrator

:!: This feature provides much of the functionality of Microsoft's WSUS Server without the complications.

The Site Concentrator server provides its services via TCP port 8123.

The Site Concentrator server firewall must permit traffic to port 8123.

Designate a Site Concentrator

MSP RMM Dashboard → Right-click a site → Edit Site → Site Concentrator (tab)

  1. Specify a server to be the Site Concentrator
  2. Select Open Windows Firewall checkbox
  3. Save

Configure the Site Concentrator

On the Site Concentrator server:

  1. Open the Advanced Monitoring Agent from the Start Menu and log in
  2. Edit Agent Settings (tab)
  3. Deselect Use a Proxy Server (disable proxy usage)
  4. Save and test the agent's connection
  5. Restart the Advanced Monitoring Agent services or reboot

Advanced Monitoring Agent Login Edit Agent Options Agent Connection Settings

Test Access to Site Concentrator

Once you have performed the previous steps to designate a Site Concentrator, you should test the access.

We have seen where the above procedure does not always open the firewall on Domain Controller servers being designated as a Site Concentrator. You should test access and adjust the Site Concentrator's firewall if necessary.
  1. Wait for a short interval after the above procedure
    • The MSP RMM agent adds the firewall rule to the Site Concentrator server
  2. Test that the port is open using telnet

:!: The telnet feature must be installed on a Windows computer. It is not installed by default. 

telnet YourSCHostName 8123

Edit Site

Designate a Site Concentrator

Success or Failure

How to evaluate the results of your telnet test:

If the port is open, telnet will connect and display a blank CMD box.

If the port is closed, the DOS CMD box will just hang at Connecting…

Press control-[ (escape) then type quit and press the enter key to exit telnet. Hover over the following images for more tips.

Test Port 8123

A Successful Test

A Failed Test

Adjust the Windows Firewall on the Site Concentrator

:!: Domain Controllers use the Domain Profile of the Windows Firewall.

Windows Advanced Firewall

Advanced Monitoring Agent Site Concentrator Rule

Symptom of Blocked Access to Site Concentrator

If client access to a designated Site Concentrator fails, you will often see alternating failures and successes in the Managed Antivirus updates. First the client tries to download the updates from the Site Concentrator (fails), then it tries to download the update from Internet servers (succeeds).

Once you open the firewall on the Site Concentrator, the updates almost always succeed.

Alternating Update Failures

Once you fix the connectivity issue, you can initiate a MAV update using the MSP RMM Dashboard:

Right-click a workstation → Managed Antivirus Scan → Update Threat Definitions

computing/security/msp_rmm_site_concentrator.txt · Last modified: 2017/04/28 09:38 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki