Hub Public IP Range

Hello Joe,

Thank you for contacting Devolutions Support.

I'm not quite sure I understand your issue in this case, If you're looking to manage authorized IP Address for connection to the Hub Business we have the IP Allowlist and the following knowledge base article regarding this feature: https://docs.devolutions.net/hub/web-interface/administration/configuration-security/ip-allowlist/

Regarding the gateway, did you follow this knowledge base article for the configuration?
https://docs.devolutions.net/dgw/hub/hub-business-configuration/

Let me know if I misunderstand,

Best regards,

Hi Samuel, when I try to add a gateway it requires a successful test first, but that connection is comming directly from hub I think, not the client machine browser ip. Assuming so, what public ip range does hub use?

Hi Samuel,

I think I found the issue, was attempting to add gateway from internal network, and the gateway DNS name was pointing to an alternate server. Adding the gateway from an external computer fixed the issue. In this scenario, the gateway shares an FQDN with other services, and internally it only points to one server which is not the gateway, where as externally the traffic hits a single public IP which is NAT'd to different servers depending on the port being accessed. Probably using a dedicated FQDN for the gateway would have been a better approach, as that could be configured indepentaly for the internal DNS resolution.

That being said, does Hub periodically try to ping the gateway to verify its status? If so, what IP (or range) would hub be using?

Joe

Hello,

Thank you for your patience,

I've reached out to some of my colleagues to confirm this and will keep you updated with any news I receive,

Best regards,

Hi Joe,

That being said, does Hub periodically try to ping the gateway to verify its status? If so, what IP (or range) would hub be using?

About your question above, Hub does not try to reach the Gateway, it's the other way around. The Gateway will try to reach Hub's server to report back on active sessions. When configuring a Gateway, the data is sent from the browser to the Gateway directly. The browser will also communicate with the Hub's server to add the Gateway's encrypted data so that it can be used by other clients only. (Web browsers, RDM)

Let us know if you have more questions, have a good day!

Thanks Maxime, thats perfect, no further questions.

Joe

Hello Joe,

Thank you for your reply,

Glad to hear that, If you have any additional questions regarding this feel free to reach out!

Best regards,