Forum Discussion

PaulKlerkx's avatar
PaulKlerkx
Iron Contributor
Jun 03, 2021

Desktop Analytics - Internet Access Requirements

Hi,

   we have configured Desktop Analytics and connection health has the majority of devices as properly enrolled, however we have around 130 with a configuration alert of "Can't connect to the Connected User Experience and Telemetry endpoint (Vortex). Check your network/proxy settings"

We don't have a proxy.  

With 90% working, I can't see how the network might be configured wrong. 

The one thing that stands out are that the majority of the 130 devices are either generic logons or autologon kiosks that don't have internet access. 

This leads me to 

  1. does desktop analytics require a user to be logged on and for that user to have internet access?
  2. is it possible that as a fallback to this requirement DA tries to connect to the Telemetry with some sort of anonymous connection or using the device system account or maybe using a MECM service account.  (does that MECM service account then need internet access?)

If 2, i'd think I'd need to supply our firewall team with the exact requirements there, I can find all the endpoint contacts in doco, but what account do I have to get them to let through? 

    • PaulKlerkx's avatar
      PaulKlerkx
      Iron Contributor
      Thanks for the link Nathan. I have looked at that page before. We don't use a proxy, but I'm leaning toward maybe the firewall has the same sort of issue. I haven't had a chance to go looking in firewall logs to see if any of the endpoints are mentioned yet. As the devices in question are logged into by generic accounts that don't have internet access, I'm guessing that is causing the problem. I'll look at that first. May need to get a job to our security company to let anonymous traffic through to the endpoints. The other alternative possibility that I found in the DA console, is that the logged in user must have an E3 365 license as well and I'm not positive they do as most are just display devices or single app web console type setups with no need for office. Need to look into that possibility as well. It might be just as easy to do all these separately as they shouldn't have much software anyway.
      • Nathan Blasac's avatar
        Nathan Blasac
        Iron Contributor
        Based on previous experience, you'll definitely need to open up anonymous web traffic to the MS endpoints.

Resources