Page 2 of 3
Re: Need support to monitor firewall devices
Posted: Wed May 15, 2019 6:23 am
by rtsupport
ok, there was firewall which was blocking connection have enabled the firewall rule and now able to do snmpwalk through terminal..
Code: Select all
-bash-4.1$ snmpwalk -v 3 -u ***** -l authPriv -a SHA -A 123456 -x AES -X 123456 11.11.11.11
SNMPv2-MIB::sysDescr.0 = STRING: Linux xrxwebfew01 4.9.75 #1 SMP PREEMPT Tue Jun 12 15:42:38 PDT 2018 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.25597.1
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2310098599) 267 days, 8:56:25.99
but now when i configure this device in nagios using configure wizar "SNMP Linux" getting unknown error/
Code: Select all
ERROR: No response from remote host '11.11.11.11' during discovery.
Re: Need support to monitor firewall devices
Posted: Wed May 15, 2019 7:55 am
by scottwilkerson
When you run the snmpwalk command, are you only getting those 3 lines as results?
If so, you need to adjust the SNMP directive in the snmpd.conf file on the remote server to allow access to all the resources
Re: Need support to monitor firewall devices
Posted: Wed May 15, 2019 9:47 am
by rtsupport
Nope, list is huge, i have gave you just for example.
Also, just to update you we have integrated mode_gearman in our environment so do we have enabled firewall rule for collector servers only not for PRD and DR.
i mean when i am running snmp walk from collector its giving me output but when i am running from PRD/DR its not.
Also i have noticed that when i am running below plugin on collector getting below error --
Code: Select all
./check_snmp_storage_wizard.pl
Can't locate Net/SNMP.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at ./check_snmp_storage_wizard.pl line 15.
BEGIN failed--compilation aborted at ./check_snmp_storage_wizard.pl line 15.
Re: Need support to monitor firewall devices
Posted: Wed May 15, 2019 10:24 am
by scottwilkerson
You will need to have enabled firewall rules from PRD/DR too so you can run the wizards
Re: Need support to monitor firewall devices
Posted: Thu May 16, 2019 9:38 am
by rtsupport
I have a question here -
If plugin is working fine on collector, we are able to do snmpwalk from same collector, able to connect the device using UDP.
nc -v -z -u 11.11.11.11 161
Connection to 11.11.11.11 161 port [udp/snmp] succeeded!
then why PRD/DR IP need to enable to connect with device, as this is collector responsibility to send the data to PRD?
Re: Need support to monitor firewall devices
Posted: Thu May 16, 2019 10:45 am
by scottwilkerson
rtsupport wrote:
then why PRD/DR IP need to enable to connect with device, as this is collector responsibility to send the data to PRD?
Because when you run the wizard, the wizard reaches out to the host/device to see what is available to monitor on it.
If you aren't going to run the wizard and setup the checks manually in the CCM, then the access wouldn't be required.
Re: Need support to monitor firewall devices
Posted: Thu May 16, 2019 11:28 am
by rtsupport
Could you please share something which will help us to setup things manually using CCM
Re: Need support to monitor firewall devices
Posted: Thu May 16, 2019 12:28 pm
by scottwilkerson
rtsupport wrote:Could you please share something which will help us to setup things manually using CCM
What SNMP OID do you want to monitor? (This is what the wizard helps you decipher)
Re: Need support to monitor firewall devices
Posted: Mon May 20, 2019 10:06 am
by rtsupport
while doing snmp we are not getting result and to identify connection we are trying below commands to validate which shows connection filtered
Code: Select all
bash-4.1# nmap 11.11.11.11 -sU -p161
Starting Nmap 6.47 ( http://nmap.org ) at 2019-05-20 10:55 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 2.15 seconds
You have new mail in /var/mail/root
bash-4.1#
bash-4.1# nmap 11.11.11.11 -Pn -p161
Starting Nmap 6.47 ( http://nmap.org ) at 2019-05-20 10:55 EDT
Nmap scan report for uuuuuuuuuu.epn.uswestgw.xxxxx.com (11.11.11.11)
Host is up (0.0012s latency).
PORT STATE SERVICE
161/tcp filtered snmp
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
and our network team is asking to check connectivity referring below command which saying connection established.
Code: Select all
nc -z -v -u 11.11.11.11 161
Connection to 11.11.11.11 161 port [udp/snmp] succeeded!
can you guide us right way to verify .. if snmp udp port 161 is enabled or not?
Re: Need support to monitor firewall devices
Posted: Mon May 20, 2019 12:04 pm
by scottwilkerson
Really this would be your best test
Code: Select all
snmpwalk -v 3 -u ***** -l authPriv -a SHA -A 123456 -x AES -X 123456 11.11.11.11