How to add a secondary OT sensor

Lansweeper OT is a feature that is currently in preview mode. The OT installer can be downloaded in the Configuration\Installations menu of Lansweeper Cloud.

A Lansweeper OT installation consists of a hub, one or more sensors and an update service. A sensor is what actually scans your OT devices and sends scanned data back to the OT hub.

This knowledge base article explains how to add a secondary sensor to an existing Lansweeper OT installation. Communication between sensor and hub is secured with a certificate, which must be implemented on secondary sensors as explained below.

1. Change hub settings and grab certificate

On the machine that has your hub installed, open Notepad or another text editor as an administrator. In your text editor, open the following file: Program Files\LansweeperOT\hub\appsettings.json. In the gRPC section of the file, replace the "localhost" part of the gRPC URL with the IP address of your machine. The HTTPS URL in the file you can leave as is.

Copy the certificate password in the gRPC section of the appsettings file. You will need this later when configuring your new sensor. In addition, copy the following certificate found on your hub machine: Program Files\LansweeperOT\Lansweeper_OT_Internal_Communication.pfx

When you're done editing the hub's appsettings file, restart the Lansweeper OT Hub Service in Windows Services to make your changes take effect.

2. Install new sensor

Run the Lansweeper OT installer on the machine you want to use as your secondary sensor. Uncheck Install OT Hub and only check Install OT Sensor. On the OT sensor screen, submit the IP address of your hub machine and your gRPC port, as found in your hub's appsettings file.

3. Install certificate on new sensor

Copy Lansweeper_OT_Internal_Communication.pfx to the machine where you installed the sensor. On this machine, click Start and then select Run. Run the below command, which opens the Local Computer Certificates of the machine.

mmc.exe certlm.msc -s -r localMachine root

Right-click on Trusted Root Certification Authorities and select All Tasks\Import... from the available options. Hit Next and browse to the location of the Lansweeper_OT_Internal_Communication.pfx certificate. You may need to change the display settings of the popup to include all file types.

Hit Next again and paste the certificate password that you grabbed from your hub's appsettings file earlier. Once you've done that, you can leave all other settings as they are and complete the wizard.

When you're done installing the certificate, restart the Lansweeper OT Sensor Service in Windows Services to make your changes take effect.

4. Update hub URL in appsettings files

Your new sensor should now be fully operational. You should see it listed in the Sensors menu of your hub. However, you may need to update the hub URL of your primary sensor and the hub URL of your primary sensor's update service.

Open Program Files\LansweeperOT\update\appsettings.json and Program Files\LansweeperOT\sensor\appsettings.json on your primary sensor. Make sure the hub URL listed at the top of these files matches the gRPC URL of your hub. If it doesn't, update the hub URL in these files and restart the Lansweeper OT Sensor and Lansweeper OT Update services afterward.

5. Double-check hub firewall

If your new sensor fails to appear in the hub, make sure incoming traffic can reach your hub over whichever port you configured as your gRPC port. The default gRPC port is 5217, but you may have selected a different one in the OT installer. If incoming traffic over the gRPC port is blocked on your hub server, remote sensors won't be able to communicate with the hub.

The OT installer does by default add a rule to Windows Firewall on your hub server to allow for communication to the hub. However, if you are using custom firewalls, you may need to manually adjust your hub server's incoming firewall configuration.

Related Articles

Get Started Right Away

Try Lansweeper for Free