Last Updated: April 1, 2026
Article ID: KB-2026-AMC-01
Product: Neverfail Engine
Version: All Supported Versions
Before utilizing the portable binaries, the following staging requirements must be met:
Extraction Location: The package must be extracted to a stable, root-level directory (e.g., C:\EngineClient\).
Note: Execution from "Special" Windows folders (e.g., Downloads, Desktop, or Temp) is strictly discouraged. Utilizing a dedicated root path avoids legacy Windows path-variable limitations and ensures consistent Firewall rule enforcement.
To permit remote administrative access via TCP, the following configurations must be applied to the Engine environment:
Trusted Client Authorization (Engine Level):
Authorization must be granted on each Managed Engine intended for control. Run the following command from the binaries directory to register the Client Machine IP:
cd "C:\Program Files\Neverfail\R2\bin"
nfcmd localhost addTrustedClient [Client_Machine_IP] [Username] administrator
Node Firewall Configuration (Cluster Level):
This requirement must be fulfilled on every individual node within the Managed Engine cluster. An Inbound Rule must be created to allow TCP traffic for the management service:
Protocol: TCP
Program Path: %ProgramFiles%\Neverfail\R2\bin\NFServerR2.exe
Action: Allow Connection
To facilitate inbound TCP communication from the Managed Engine, the Client Machine must satisfy one of the following firewall requirements:
| Method | Requirement Detail |
| Option A (Application Specific) | Inbound Rule (TCP) for the specific GUI executable: [Path_To_Portable_Folder]\bin\nfgui.exe |
| Option B (Network Specific) | Inbound Rule allowing TCP traffic originating from the specific Managed Engine IP address(es). |
To verify the requirements have been met:
Launch the Portable AMC (nfgui.exe) from the designated directory.
Add the connection to the remote server using the Managed Engine Public IP address.
The connection must be configured with a valid username and password.