Hello,
I'm currently testing WAPT and I was planning to create a server accessible across our entire network by opening the correct ports, but it seems that's not possible.
Can you confirm that it's only usable on a LAN?
When I configure my clients to use the domain name pointing to my server's public IP address, I get "restricted access" errors. I searched the forum and found someone who had a domain controller problem, but I don't have one.
I assume the server needs to be able to access the machine directly via port 8088, but I was hoping that wasn't the case, that the client would retrieve its tasks at regular intervals...
If it's only usable on a LAN, do I have to have as many WAPT servers as LANs?
Thanks in advance for your replies,
best regards
[SOLVED] Restricted access and questions
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Hello,
it's possible to use it over a WAN, but you won't be able to force updates.
Your repository will then need to be accessible on the internet, which can pose real security problems.
I'm currently in this situation; my workstations shut down every night and perform their updates via "wapt-exit".
Nevertheless, you can force the workstation to check for updates every two hours and install them every four hours.
I modify the wapt-get.ini file with the following parameters:
waptupdate_task_period=120
waptupgrade_task_period=120
it's possible to use it over a WAN, but you won't be able to force updates.
Your repository will then need to be accessible on the internet, which can pose real security problems.
I'm currently in this situation; my workstations shut down every night and perform their updates via "wapt-exit".
Nevertheless, you can force the workstation to check for updates every two hours and install them every four hours.
I modify the wapt-get.ini file with the following parameters:
waptupdate_task_period=120
waptupgrade_task_period=120
Ah! Thanks for the clarification. I had noticed that my clients updated if I used wapt-tray, and it's true that a check interval would be ideal, or even on shutdown.
However, we're wondering if it wouldn't be better to do one installation per site to avoid overloading our VPN.
In any case, thanks for your reply; I have what I need.
However, we're wondering if it wouldn't be better to do one installation per site to avoid overloading our VPN.
In any case, thanks for your reply; I have what I need.
We've given a lot of thought to network congestion.
Given that the computers are shut down in the evening and sometimes at regular intervals, I think the network is holding up on our end. We
'll have to look into your VPN; you need to run some tests.
Given that the computers are shut down in the evening and sometimes at regular intervals, I think the network is holding up on our end. We
'll have to look into your VPN; you need to run some tests.
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
The best approach is to replicate the repository on each of your sites to avoid overloading your VPN.
You would then need to configure your DNS settings. The advantage is that if you have roaming clients, they will use the nearest repository.
I started some documentation on this here, but it's not complete enough; I need to finish it:
https://wiki.lesfourmisduweb.org/index. ... ts_distant
You would then need to configure your DNS settings. The advantage is that if you have roaming clients, they will use the nearest repository.
I started some documentation on this here, but it's not complete enough; I need to finish it:
https://wiki.lesfourmisduweb.org/index. ... ts_distant
Setting up DNS records on our routers... Yeah, but I'm hesitant to have to put repositories everywhere; it makes infrastructure management complicated.
I was thinking of blocking everything on the central server except for our clients' IPs, which are often static.
We're thinking about it... I'll take a look at the documentation, thanks a lot.
Edit: I just saw the replication in your documentation, yummy yummy
I was thinking of blocking everything on the central server except for our clients' IPs, which are often static.
We're thinking about it... I'll take a look at the documentation, thanks a lot.
Edit: I just saw the replication in your documentation, yummy yummy
