Home > Support > Knowledge Base > Knowledge Base Article

Devices in Connectware Manager Do not Stay Connected

Devices in Connectware Manager Do not Stay Connected



A Connectware Manager (CWM) server operating behind a NAT firewall using port forwarding requires a configuration change. The CWM server should be configured so that the IP address registered in its database is the same as the IP address visible to the outside (i.e. the NAT IP address).

To check what your device redirection information is, you will want to log into the server management page, and then enter "https://(IP)" or "http://(hostname):8443/listService.do" into your browsers address bar. On this page you will want to select management-console and then click edit. If the host url has the servers local IP address in there you will want to change that to the correct public IP or hostname. For example it could look something like:

"en://(IP or hostname)/devmgmtservices/".

Ports that absolutely need to be open on the Public WAN side for ConnectWare Manager are as follows: Of course the absolute requirements depend on the network infrastructure (e.g. where is the firewall with respect to management users and devices), how communications with the devices are initiated, and whether they want to manage their devices from the Public WAN side of the network.

Some examples:

Case 1: Device initiated connections with no device side firewall concerns and all management done from behind their firewall:

- Then only port 3197 would be required.

Case 2: Client initiated connections with device side firewall concerns (i.e. they using CDP firewall traversal) and all management done from behind their firewall:

- Port 3197 for devices with no device side firewall concerns

- Port 80 for devices with device side firewall concerns.

Case 3: Client initiated connections with device side firewall concerns and management done from the Public WAN side of the network using https:

- Port 3197 for devices with no device side firewall concerns

- Port 80 for devices with device side firewall concerns

- Port 8443 (optionally 443)

Case 4: Connectware Manager initiated connection and management done from the Public WAN side of the network using https:

- Port 3198 out bound traffic

- Port 8443 (optionally 443)

Case 5: Devices and Management done from within a VPN and/or custom APN - No public ports need to be exposed

Case 3 is probably the most typical installation. If user management access is required on the public side, the we would suggest port 443 be used instead of 8443. If not than the user will have to include the port number in their browser address window: https://their_server_name:8443/ For almost all, and most likely the case these ports would not be exposed on the Public WAN side, but do need to be available on the local system.

- 8005 Shutdown (reserved for clustering)
- 8080 - Management Console (reserved for local access)
- 9443 - Remote Protocol (reserved for clustering)

Contact a Digi expert and get started today! CONTACT US

Desktop Site