Team: Huntress EDR
Product: Networking
Environment: Huntress Agent
Summary: To ensure uninterrupted connection when communicating between Huntress Agents and our cloud servers, confirm all network settings are correct (proper open ports, allowed URLs and certificates, exceptions for Deep Packet Inspection, TLS / SSL, etc...). Use our connection tester to check!
Huntress uses certificates and encrypted communication in order to ensure each agent and our cloud servers are able to communicate securely. This page is a brief overview to help you ensure connectivity is uninterrupted.
Do you use Deep Packet Inspection or some other form of TLS/SSL certificate interception?
You'll need to whitelist the certificate for huntress.io More information and a connection tester can be found here
Does your firewall restrict outgoing communication on port 443?
Check out our KB on which URL's you'll need to allow communications on
Still having connectivity issues?
Windows
- From this article: Windows Connection Tester (updated May 3, 2024) run the following as Administrator :
.\HuntressSupport.exe connect
- PowerShell for checking the certificates:
try { ($webRequest = [Net.WebRequest]::Create("https://huntress.io")).GetResponse().Dispose() } catch {}
If the output is not the Huntress.io certificate then it should indicate who the offending certificate interceptor is (look for the CN= field).
Write-Host $webRequest.ServicePoint.Certificate.Subject
- PowerShell 4.0+ for testing connectivity from your end point to our cloud servers
@("huntresscdn.com", "update.huntress.io", "huntress.io", "eetee.huntress.io", "huntress-installers.s3.amazonaws.com", "huntress-updates.s3.amazonaws.com", "huntress-uploads.s3.us-west-2.amazonaws.com", "huntress-user-uploads.s3.amazonaws.com", "huntress-rio.s3.amazonaws.com", "huntress-survey-results.s3.amazonaws.com", "notify.bugsnag.com") | Test-NetConnection -Port 443 | Select ComputerName, TcpTestSucceeded
For older OS - PowerShell 3.x for testing connectivity
$servers = @("huntresscdn.com", "update.huntress.io", "huntress.io", "eetee.huntress.io", "huntress-installers.s3.amazonaws.com", "huntress-updates.s3.amazonaws.com", "huntress-uploads.s3.us-west-2.amazonaws.com", "huntress-user-uploads.s3.amazonaws.com", "huntress-rio.s3.amazonaws.com", "huntress-survey-results.s3.amazonaws.com")
foreach ($server in $servers) {
try {
$TCPClient = New-Object System.net.sockets.tcpclient($server,443)
if ($TCPClient.Connected){
Write-Host "$($server) connection result - connected!"
} else {
Write-Host "$($server) connection result - FAILED"
}
$TCPClient.Close()
} catch {}
} - Still having trouble? Contact us support@huntress.io!
Mac default Bash shell
- Bash command for testing connectivity from your end point to our cloud servers
foreach hostn ("update.huntress.io" "huntress.io" "eetee.huntress.io" "huntress-installers.s3.amazonaws.com" "huntress-updates.s3.amazonaws.com" "huntress-uploads.s3.us-west-2.amazonaws.com" "huntress-user-uploads.s3.amazonaws.com" "huntress-rio.s3.amazonaws.com" "huntress-survey-results.s3.amazonaws.com")
printf "Attempting to connect to %s \n" $hostn
nc -z -v $hostn 443
end - Bash command for testing Certificate errors
openssl s_client -connect huntress.io:443 -servername huntress.io | openssl x509 -in /dev/stdin -noout -text
Output should be similar to this:
- Still having trouble? Contact us support@huntress.io !
Mac zsh shell
This is most commonly seen inside RMM's as a "Terminal" option
for hostn in "update.huntress.io" "huntress.io" "eetee.huntress.io" "huntress-installers.s3.amazonaws.com" "huntress-updates.s3.amazonaws.com" "huntress-uploads.s3.us-west-2.amazonaws.com" "huntress-user-uploads.s3.amazonaws.com" "huntress-rio.s3.amazonaws.com" "huntress-survey-results.s3.amazonaws.com"; do printf "Attempting to connect to %s \n" $hostn; nc -z -v $hostn 443; done
Comments
0 comments
Please sign in to leave a comment.