If after following the instructions for agent installation , you are experiencing any problems with agent stability, alert consistency, agent unavailability or remote connection instability, please verify that you are on .NET Framework 4.5
Additionally, please check the following:
Allow outbound traffic over port 443 (TCP) in the Anti-Virus, Firewall and Proxy server.
List of servers that the agent is communicating with:
Potential software/devices for blockage:
- Anti-Virus - Add the following paths into the Antivirus whitelist:
C:\Program Files\Atera Networks (or C:\Program Files (x86)\ATERA Networks for 32bit)
- Firewall - In some networks https traffic is blocked. Make sure to add a rule to allow https traffic from LAN to WAN (Atera address: agent-api.atera.com).
- Proxy - Proxy / Web-filtering is very common and can also be an obstacle to stable agent behavior. Make sure to permit outbound traffic (443) and file extensions; ZIP & EXE from our website (Atera address: agent-api.atera.com).
- Geo-blocking - As an example, SonicWall routers are well known for their Geo Blocking features.
- Permit content traffic in addition to TCP (443 ) traffic
1. Proxy under localsystem account
To check(CMD with admin): bitsadmin /util /getieproxy localsystem
To solve(CMD with admin): bitsadmin /util /setieproxy localsystem no_proxy
2. TLS settings that have been applied with the third party tool IIS Crypto
This is a notorious tool for breaking TLS communications as it adds strange values for registry keys:
All TLS keys (Enabled/DisabledByDefault) should have a value of 0 or 1 (disabled or enabled).
This tool, IIS crypto, is changing the values to…strange values which break the communication over the protocol.
3. .NET settings for TLS
Sometimes .NET might be instructed to work with a TLS that’s disabled, which breaks the Atera communication as well (being a .NET app)
The AteraAgent does not support FIPS at the moment. If this protocol is enabled, the agent cannot communicate with the console.
To check if FIPS is enabled:
- Go to Registry Editor and check the presence of the following DWORDs:
- If enabled, the value of the DWORDs would be '1'
- To disable it, change the value to '0' and the agent will start to work properly.