Virtual Appliance port number and the integrated Reverse Proxy

Most users communicate with NoTouch Center over ports typically open on public networks. You can modify this but plan accordingly

It is possible to change the port NoTouch Center is listening on - the standard ports are 8080 (HTTP) and 8443 (HTTPS) and we suggest to keep it that way. If you have good reasons to change this and understand the implications, then you can change to another port number, even multiple ports.

If your primary goal is to run on HTTPS port 443 only and you are running Stratodesk Virtual Appliance, this is already there, it is running a Reverse proxy - please read on here: #Stratodesk Virtual Appliance notice

Also, consider that your clients need to know the port number, it is part of the NoTouch Center URL that clients use to connect to NoTouch Center. Clients can switch automatically between 80/443 and 8080/8443, but if you suddenly edit the port number and set it to something different, you will cut your clients off:

  • Make sure you set the URL Prefix correctly.
  • Modify the RCMD settings to "allow being controlled by a new NoTouch Center" in case you need to re-search for clients. Don't forget to turn this off again when done.

Contents

Stratodesk Virtual Appliance notice


If you use Stratodesk Virtual Appliance, please do not change the NoTouch Center port number, at least not with extra consideration:

  • Stratodesk Virtual Appliance allows clients to contact NoTouch Center on ports 80 and 443 thanks to a so-called "Reverse proxy" mechanism.
  • The proper way to control access to the 8080 or 8443 ports is via the Virtual Appliance Firewall configuration

So we suggest to make the VA firewall block access to 8080 and 8443, but leave NoTouch Center on these ports internally. If you change this, the Apache reverse proxy won't be able to connect to NoTouch Center any more. In that case you would have to edit the Apache configuration files as well (clearly unsupported).

Port number background


On any given computer, only one software program can hold a specific port number at a time. It is not possible for multiple programs to share one port number. NoTouch Center is a web application and the web typically uses port 80 and 443 (HTTPS, SSL-encrypted). To minimize conflicts with other software, NoTouch Center by default uses the well-defined "alternative HTTP ports" of 8080 (HTTP) and 8443 (HTTPS).

Why do we recommend to leave the portnumbers as they are?

  • NoTouch clients will by default search for a host named "tcmgr" and connect it on ports 8443 and if this doesn't work on 8080. By changing the port number you lose this neat auto-connect functionality (you can of course Search for client devices)
  • If you think of using the standard ports 80 and 443, think twice: These are usually already used by other services, be it an IIS on Windows, or in case of Stratodesk Virtual Appliance it is the appliance's own administration console.

So if you choose a port number, choose wisely.

Configuration location


The port numbers are stored in a plain text file named tcmgr.properties. This file is located in the subfolder "etc" inside the NoTouch Center installation directory.

On the Stratodesk Virtual Appliance the installation folder is /opt/center, thus the file name is /opt/center/etc/tcmgr.properties.

The actual values are:

  • lmc.httpport, holding simply the HTTP port number or a comma-separated list of HTTP port numbers
  • lmc.sslhttpport, holding simply the HTTPS port number or a comma-separated list of HTTPS port numbers

Editing procedure


Generic procedure - say you want to use port numbers of 8084 and 777 for HTTP and 8888 and 666 for HTTPS:

Stratodesk Virtual Appliance

  1. Log in with SSH login to your Virtual Appliance and gain administrative privilege, as described
  2. Stop NoTouch Center by issuing this command:
    • stop center
  3. Edit the configuration file:
    • nano /opt/center/etc/tcmgr.properties
  4. Insert or modify these lines:
    • lmc.httpport=8084,777
    • lmc.sslhttpport=8888,666
  5. Press Ctrl-X to save modifications
  6. Restart NoTouch Center:
    • start center

Note: If you modify port numbers on the VA there are two things that won't work any more:

  • The link to the NoTouch Center login from the "Management" page will not work any more. NoTouch Center operation is not disturbed by this fact.
  • The access via ports 80 and/or 443 (HTTPS) will not work any more unless you modify Apache's reverse proxy settings.

Important hints


Please note that the client communication is only done via the first port, on the other ports only browser admin access is possible. After changing the port or IP address do a rescan of your clients via the 'Tools' menu. This will tell the clients the new address and port of the NoTouch Center. Also, new clients must be searched for via the Tools menu because clients always try to connect via 8080 at first boot (with factory settings). Search will only work if allowed so in the RCMD options.