All Collections
Troubleshooting
Kolide Agent to Servers Connectivity
Kolide Agent to Servers Connectivity

Necessary firewall related settings for device to kolide connectivity

Joseph Sokol-Margolis avatar
Written by Joseph Sokol-Margolis
Updated over a week ago

Devices connect to several endpoints inside Kolide. These have consistent names, but dynamic IP addresses. Communication is on port 443.

The list of names (Last changed 2023-04) is:

  • k2device.kolide.com

  • k2control.kolide.com

  • notary.kolide.co

  • dl.kolide.co

  • tuf.kolide.com

Additional Hosts for macOS connectivity

Most versions of macOS will check package and binary signatures for validity. This may require contacting apple servers. Please refer to Apple's documentation at https://support.apple.com/en-us/HT210060

Third Party Firewalls

Some third party firewall software reports outbound connections. Due to how go (a computer language) does DNS resolution, this is sometimes reported as a connection to an IP address, and not to the DNS name. This is a reporting discrepancy.

DNS Resolution

Our agent uses /etc/resolv.conf, some Linux machines use systemd-resolved and do not provide that by default. There are several mechanisms to add one. See https://wiki.archlinux.org/title/Systemd-resolved#DNS for information.

Did this answer your question?