Comm issue behind firewall

[btemple]

I am trying to monitor a router in a dmz. For some reason everything appears to communicate properly except for the bandwidth stats they all report back 0 in 0 out. I am wondering if this is from the router setup or could it be a firewall issue ? All of our internal routers report back proper stats. What port / protocol is need for this check ?

check_xi_service_mrtgtraf!xxx.xxx.xxx.xxx.rrd!500,500!800,800!M!!!!

[sreinhardt]

This is snmp get requests, which are over port 161 generally, and use udp. It is entirely possible that mrtg is not getting data returned, so it fills zeros or nans, which the bandwidth check that looks at mrtg rrds is reporting 0 because of this. You can test snmp connectivity with:

Code: Select all

nmap -sU -p 161 [hostname\ip]

[btemple]

thank you I will further troubleshoot and get back

[btemple]

nmap results look good

[abrist]

Is the community correct? Can you walk the host?

Code: Select all

snmpwalk -c <community> -v1 <ip of remote host>

or:

Code: Select all

snmpwalk -c <community> -v2c <ip of remote host>

[dfmco]

What type of firewall is this? I know for a fact that bandwidth on a Cisco ASA uses a different OID than the router/switch. Can you do a SNMP get to see if the OID you are using is providing a value?

[tmcdonald]

btemple, did you get a chance to look at abrist or dfmco's answers?