Which Servers/IPs/Ports to Check
Teramind requires the server and certain ports to be enabled and accessible through your firewall for it to work properly. Here are some common ports used by Teramind:
80: TCP, is the standard HTTP port that's needed for the Agent deployment and updates. Make sure this port is open if you are encountering issues with your self-generated SSL certificate.
443: TCP, is the standard HTTPS port that's used by the Agent to connect to the Master Server. This port is used as WebSocket for async video recording, offline video recording, mail attachments, printed documents, etc. The port is also used by the Agent to make pings (report that computer is online) and get commands from the dashboard - like start/stop troubleshooting, uninstall or update agent, etc. Note that this port can also be used for Management Interface (so that admins will be able to access the dashboard on this port) and Load Balancing. If you are using an On-Premise deployment, you can assign them separately from the Server Management settings.
10000: Proprietary protocol (TLS encrypted), is used by both the Agent and the Master Server (in a single-node setup, e.g. no App Server nodes deployed) to communicate monitoring configuration or other monitoring data (except for the video). Used in On-Premise deployments.
10000-11000: TCP, Agent connection to App Server Nodes (in a multi-node setup).
1000-65535: If audio recording is enabled, Teramind Agent will connect to the server on a random UDP port in the range of 1000-65535 to send the audio recordings. Make sure UDP ports in that range are enabled and open from the endpoint to the server.
443, 5432, 9200 and 42001: These are used for OCR on On-Premise Deployments. Please make sure the ports are enabled and open among all nodes (master, OCR database, OCR mining). You will also need to check if the IPs used by the OCR mining/BI are also accessible. You can view them on the Server Management screen.
5985: TCP, the default WinRM port used when remotely deploying the Agent from the Remote Agent Installation screen (Computers > REMOTE INSTALL AGENT, available on On-Premise deployments).
Other Ports: Depending on your configuration, there might be other ports that needs to be open and accessible to Teramind. For example, you might need LDAP 389 if you are using Active Directory, TCP 465 for SMTP (emails), etc. Note that, these are default assigned ports and can be changed from their respective settings screens on the Dashboard.
Where to Check/Configure Ports
If you are on Cloud deployment, you can see which ports are being used.
Click the MY ACCOUNT menu from the dashboard then select the SERVER & PORT tab. You will notice three sets of server addresses and ports:
If you are using an On-Premise deployment, you can check/set the commonly used ports from:
Server Management screen to view/change the Management Interface and Load Balancing ports and view the IPs currently being used by additional nodes (e.g., OCR, BI Classification).
Active Directory, screen to change the LDAP port.
SMTP screen to change the SMTP/email port.
How to Check
To test if these are open, please try one of the following:
Using the Telnet Client
In case you never used a Telnet Client before, there are many articles online that shows you how to install and use it. Please search for those resources before continuing.
Cloud Deployments
telnet www.teramind.co 443
telnet rt.teramind.co 443
telnet <serverIP> <port>
You can find your <serverIP>
and <port>
from your Teramind dashboard under MY ACCOUNT > SERVER & PORT tab.
On-Premise Deployment
telnet <serverIP or hostname> 443
telnet <serverIP or hostname> 10000
You can find your <serverIP or hostname>
from the Security settings screen of you dashboard (click the icon, select Settings then click the Security tab. The hostname is listed under the Host section).
In both cases, if you see a message like the one below, it means service is not running, port is closed by your firewall or there're some networking issues:
telnet: Unable to connect to remote host: Connection refused
Using the Windows PowerShell
You can use the following command:
Test-NetConnection -Computername <serverIP or hostname> -Port <port>
Check the Telnet Client section above to find out where you can find the <serverIP or hostname>
and <port>
.
When a service is running and a port is open you'll see something like:
>Test-NetConnection -ComputerName www.microsoft.com -Port 443
ComputerName : www.microsoft.com
RemoteAddress : 92.122.110.37
RemotePort : 443
InterfaceAlias : Ethernet
SourceAddress : 192.168.0.180
TcpTestSucceeded : True
And when service isn't running or port is closed, you will see a warning message like this:
>Test-NetConnection -ComputerName www.microsoft.com -Port 10000
WARNING: TCP connect to (92.122.110.37 : 10000) failed
ComputerName : www.microsoft.com
RemoteAddress : 92.122.110.37
RemotePort : 10000
InterfaceAlias : Ethernet<
SourceAddress : 192.168.0.180
PingSucceeded : True
PingReplyDetails (RTT) : 14 ms
TcpTestSucceeded : False
PowerShell is a task automation and configuration management framework from Microsoft. You can find more information about it on Microsoft PowerShell Documentation.
Using the Curl tool
You can use the following command:
curl --insecure https://<serverIP or hostname>:<port> -verbose
If the connection is successful, the command will return something like the following result:
MacOS
Using Netcat
You can use the following command:
nc -zv <serverIP or hostname> <port>
For example:
nc -zv 192.168.1.100 10000
Using Other Clients
You can also use Telnet or something like nmap.