nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AW: MLM's and Firewalls

2001-04-24 03:25:39
Subject: AW: MLM's and Firewalls
From: Michel.Grossenbacher AT coop DOT ch
To: nv-l AT lists.tivoli DOT com
Date: Tue, 24 Apr 2001 09:25:39 +0200 
Hello Jane
I got a similar scenario, I just dont use a MLM at the moment. I got a few
hosts behind a Firewall, some are pingable and some not. The pingables got
added by themself but for the others I used $ before the IP-Adress in the
Seedfile. NetView didnt discover them alone till I added them over Edit/Add.
In the next discover cicle it got them and checked it over SNMP (I got the
community name in the SNMP Configuration). Since then it is polling them
over SNMP, well but I still got some problems, they change their status to
unreachable after a few minutes (Polling time is 15min) but as soon as
NetView Polls them again they change back to reachable, I dont know yet why
they are changing to unreachable but at last I got them in NetView. Perhaps
it helps.

Michel Grossenbacher
Coop

-----Ursprüngliche Nachricht-----
Von: Jane Curry [mailto:jane.curry AT skills-1st.co DOT uk]
Gesendet am: Montag, 23. April 2001 08:59
An: IBM NetView Discussion
Betreff: Re: [NV-L] MLM's and Firewalls

We have tried this.  We wanted both monitoring and discovery through a
packet-filtering firewall.  We hoped to be able to JUST open udp/161 and
udp/162, and monitor devices using SNMP from NetView and/or using ping from
MLM - ie. ping was blocked at the firewall.

Tracing what happened, the MLM discovered devices on its own side of the
firewall and sent that info to NetView via UDP/161 - OK so far.
Unfortunately, NetView will not admit thoses devices into the object
database
until it has succeeded in ping'ing them (which it cannot do).  We watched
the
MLM-discovered devices just going further down the NetView ping-poll queue.

So, the answer to your question if you want status and discovery, is that
you
need to open the SNMP ports (with unrestricted high port access for the
"source" port), AND ping.

Anyone else with experience in this area - I'd love to share stories.  MLM
seems like the right architectural solution to solve many of these firewall
issues, but it's not quite there yet....

Cheers,
Jane

reamd AT Nationwide DOT com wrote:

> Hello All,
>                 Can anyone tell me what ports need to be enabled through
> the firewall for MLM's and Netview communications?  Thanks in advance for
> your response..
>
> _________________________________________________________________________
> NV-L List information and Archives: http://www.tkg.com/nv-l

--
Tivoli Certified Enterprise Consultant & Instructor
Skills 1st Limited, 2 Cedar Chase, Taplow, Bucks, SL6 0EU, UK
Tel: +44 (0)1628 782565
Copyright (c) 2001 Jane Curry <jane.curry AT skills-1st.co DOT uk>.  All rights
reserved.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • AW: MLM's and Firewalls, Michel . Grossenbacher <=
Previous by Date:  Re: MLM's and Firewalls, davids
Next by Date:  New Compaq Insight Manager for Netview and Status Color, Karsten . Schweiger
Previous by Thread:  Netview Connectivity and Performance Manager, Eric Pobst
Next by Thread:  New Compaq Insight Manager for Netview and Status Color, Karsten . Schweiger
Indexes:  [Date] [Thread] [Top] [All Lists]