Re: Discover networks behind a firewall

2001-07-24 11:06:00
Subject: Re: Discover networks behind a firewall
From: Jane Curry <jane.curry AT skills-1st.co DOT uk>
To: nv-l AT lists.tivoli DOT com
Date: Tue, 24 Jul 2001 16:06:00 +0100
I suggest you also get UDP/162 opened up (trap port) inbound to NetView - not
strictly necessary for discovery but you'll almost certainly need it later.

I would definitely recommend the follwoing IBM Redbook:
SG24-6229 - Extending Network Management Through Firewalls


Darren_Tucker AT advantra.com DOT au wrote:

> > What ports on firewall must be opened to discover and to  manage nodes on
> 192.168.1.xxx network ?
> You can probably get away with:
> ICMP ping (type code 8) out, ping responses (type code 0 ) back.
> SNMP (UDP/TCP port 161) out and responses back.
> The exact firewall rules will depend on the capabilities of the firewall.
> Note that unless you have SNMP enabled on the firewall, you probably won't
> discover them and you'll need to use either seedfiles (edit
> /usr/OV/conf/netmon.seed) or loadhosts (run "echo ipaddress hostname
> |loadhosts -m subnetmask") to load the devices into NetView.
>           -Daz.
> _________________________________________________________________________
> NV-L List information and Archives: http://www.tkg.com/nv-l

Tivoli Certified Enterprise Consultant & Instructor
Skills 1st Limited, 2 Cedar Chase, Taplow, Bucks, SL6 0EU, UK
Tel: +44 (0)1628 782565
Copyright (c) 2001 Jane Curry <jane.curry AT skills-1st.co DOT uk>.  All rights

<Prev in Thread] Current Thread [Next in Thread>