DNS allow list / cloud RMM and AV access for isolated endpoints
Robert Dana
Huntress now supports an IP address allow list for isolated hosts, but this doesn't work with Cloud RMM, AV, or other tooling which typically uses dynamic IP addresses for agent connectivity. Vote here if you'd like to see this capability added.
Even better, it would be great to hear what specific tools you'd want to use it with; the list of DNS names that need allowing for typical cloud tooling is long, and we could potentially preconfigure them (just check a box) for commonly needed tools.
Michael McCool
Support for RMMs should be available for enabling the respective allow lists. This should be disabled by default in case the RMM is the source of the infection, but I should be able to go to an isolated agent, select the option to allow RMM, and within a few minutes, I should be able to connect to the device using our RMM. Datto RMM for one has a FQDN that defines all currently used IPs. This FQDN could be queried and then added to the device's allow list automatically.
Other RMMs may have a list of URLs that would be provided. In these cases, the FQDN for each would be queried, then added to the list of allowed IPs. This query and update would be on-demand, so the IPs wouldn't actually be defined until the command is used.
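The on-demand lookup proposed in the comment above, sketched as an added example (not part of the thread and not Huntress code). The host names, sample records and the blocked-range filter are assumptions made for illustration.

```python
import ipaddress
import socket

# Ranges a vendor record should never point at (added safeguard, not from the post).
BLOCKED = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12",
    "192.168.0.0/16", "224.0.0.0/4", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8")]

# Constructed sample data: hypothetical names, documentation-range addresses.
SAMPLE_RECORDS = {
    "agent.rmm.example": ["203.0.113.10", "203.0.113.11"],
    "relay.rmm.example": ["203.0.113.11", "2001:db8::5"],
    "odd.rmm.example": ["127.0.0.1", "10.0.0.5"],
}

def sample_resolver(fqdn):
    """Offline stand-in for DNS; unknown names fail like a real lookup."""
    if fqdn not in SAMPLE_RECORDS:
        raise socket.gaierror(socket.EAI_NONAME, "name not known")
    return SAMPLE_RECORDS[fqdn]

def system_resolver(fqdn):
    """Live lookup through the OS resolver, for use outside the test."""
    infos = socket.getaddrinfo(fqdn, 443, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]

def build_allow_list(fqdns, resolver=system_resolver, rmm_allowed=False):
    """Return (sorted allowed IPs, names that failed to resolve)."""
    if not rmm_allowed:  # off by default, as the post asks
        return [], []
    allowed, failed = set(), []
    for fqdn in fqdns:
        try:
            answers = resolver(fqdn)
        except OSError:  # socket.gaierror is a subclass of OSError
            failed.append(fqdn)
            continue
        for raw in answers:
            ip = ipaddress.ip_address(raw.split("%")[0])  # drop IPv6 scope id
            if not any(ip in net for net in BLOCKED):
                allowed.add(ip)
    ordered = sorted(allowed, key=lambda ip: (ip.version, int(ip)))
    return [str(ip) for ip in ordered], failed
```

The returned list is a snapshot of the DNS answers at the moment of the query, so it has to be rebuilt each time the exception is enabled.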
Matthiew Morin (Huntress)
Merged in a post:
Support for Cloud RMMs with Dynamic IPs during Host Isolation
Joseph Gagne
I manage machines using Datto RMM, and during host isolation, I need to ensure remote access to endpoints with Datto RMM. Currently, the feature only supports self-hosted RMMs with static IPs, but not cloud RMMs with dynamic IPs. It would be beneficial to have support for cloud RMMs with dynamic IPs during host isolation to maintain remote access.
Matthiew Morin (Huntress)
Merged in a post:
Add NinjaRMM Management/Cloud traffic IPs to exclusion list
End user
I would like to have the ability to add NinjaRMM Management/Cloud traffic IPs to the exclusion list. This feature would allow us to isolate a machine from the network while still maintaining access to it through NinjaRMM. It would be beneficial for managing isolated machines without losing connectivity.
Gilles Ratté
We also have this issue with Datto RMM. https://rmm.datto.com/help/en/Content/1INTRODUCTION/Requirements/AllowListRequirements.htm
Jeffrey Hunt
YES, PLEASE ADD FQDNs TO THE EXCLUSION LIST OPTIONS
Gabriel Miller
This would be great as NinjaRMM does not appear to work with IP Addresses alone. Being able to connect to an isolated host would be a game-changer.
Jaimeet Jaimeet
We need this as IPs change in the online hosted environment, but FQDNs remain.
Mark Meredith
Upvoting this as well. We've moved from self-hosted Automate and ScreenConnect to NinjaRMM and no longer have the ability to access an isolated system.
Joe Thomas
During isolation would love to enable our Cloud ScreenConnect!
Brian Pavlidis
One more vote for NinjaRMM. Just started migrating to NinjaRMM and encountered this issue after self-hosted ScreenConnect was working. This is a significant barrier at this time.