A Lansweeper OT installation consists of a hub, one or more sensors and an update service. A sensor is what actually scans your OT devices and sends scanned data back to the OT hub.
This knowledge base article explains how to add a secondary sensor to an existing Lansweeper OT installation. Communication between sensor and hub is secured with a certificate, which must be implemented on secondary sensors as explained below.
1. Change hub settings and grab certificate
On the machine that has your hub installed, open Notepad or another text editor as an administrator. In your text editor, open the following file:
Program Files\LansweeperOT\hub\appsettings.json. In the gRPC section of the file, replace the "localhost" part of the gRPC URL with the IP address of your machine. The HTTPS URL in the file you can leave as is.
Copy the certificate password in the gRPC section of the appsettings file. You will need this later when configuring your new sensor. In addition, copy the following certificate found on your hub machine:
2. Install new sensor
Run the Lansweeper OT installer on the machine you want to use as your secondary sensor. Uncheck
Install OT Hub and only check
Install OT Sensor. On the OT sensor screen, submit the IP address of your hub machine and your gRPC port, as found in your hub's appsettings file.
3. Install certificate on new sensor
Copy Lansweeper_OT_Internal_Communication.pfx to the machine where you installed the sensor. On this machine, click
Start and then select
Run. Run the below command, which opens the Local Computer Certificates of the machine.
mmc.exe certlm.msc -s -r localMachine root
Trusted Root Certification Authorities and select
All Tasks\Import... from the available options. Hit
Next and browse to the location of the Lansweeper_OT_Internal_Communication.pfx certificate. You may need to change the display settings of the popup to include all file types.
Next again and paste the certificate password that you grabbed from your hub's appsettings file earlier. Once you've done that, you can leave all other settings as they are and complete the wizard.
4. Update hub URL in appsettings files
Your new sensor should now be fully operational. You should see it listed in the
Sensors menu of your hub. However, you may need to update the hub URL of your primary sensor and the hub URL of your primary sensor's update service.
Program Files\LansweeperOT\update\appsettings.json and
Program Files\LansweeperOT\sensor\appsettings.json on your primary sensor. Make sure the hub URL listed at the top of these files matches the gRPC URL of your hub. If it doesn't, update the hub URL in these files and restart the Lansweeper OT Sensor and Lansweeper OT Update services afterward.
5. Double-check hub firewall
If your new sensor fails to appear in the hub, make sure incoming traffic can reach your hub over whichever port you configured as your gRPC port. The default gRPC port is 5217, but you may have selected a different one in the OT installer. If incoming traffic over the gRPC port is blocked on your hub server, remote sensors won't be able to communicate with the hub.
The OT installer does by default add a rule to Windows Firewall on your hub server to allow for communication to the hub. However, if you are using custom firewalls, you may need to manually adjust your hub server's incoming firewall configuration.