Re: [nv-l] Local SNMP traps
2004-01-26 12:01:59
Brian,
Another option is to try Tavve's NetView
appliance (ePROBE). It has a proprietary messaging protocol that
uses the SSL libs to make a single connection to the NV server and tunnels
all communication. The appliance can receive those traps (syslogs
too) and forward them directly into NV. It also will remotely ICMP/SNMP/TCP
status poll and collect data (snmpCollect format) and forward status and
data through the SSL pipe to the NV server.
It also works as an SNMP proxy. You
can send SNMP requests to your server(s) through the same tunnel by overloading
the community string and sending the request to the proxy agent on the
NV server:
without snmp.conf entry:
snmpget
-c public@nv-appliance-1@your-server netview-server .1.3.6.1.2.1.1.1.0
with snmp.conf entry: (snmp.conf entry:
your-server:public@nv-appliance-1@usrouter:your-server:::::private@nv-appliance1@your-server:)
snmpget
usrrouter .1.3.6.1.2.1.1.1.0
David
| John M Gatrell <John.Gatrell AT uk.ibm DOT com>
Sent by: owner-nv-l AT lists.us.ibm DOT com
01/26/2004 06:27 AM
Please respond to nv-l
|
To:
nv-l AT lists.us.ibm DOT com
cc:
Subject:
Re: [nv-l] Local SNMP traps |
Is it the network that has certain ports banned, or have I misunderstood
the question?
Would this devious method work?
Secure the traffic between the Tec boxes with IPsec.
Then set up an IP filter list for snmp (see MS technet bulletin 313381).
The snmp traffic would then flow through the same IPsec tunnel, and could
not
be stopped by access-lists in routers.
Once the traffic reaches a box under your control, feed it into an MLM
(Mid level manager)
for forwarding onto netview.
John Gatrell.
I have an snmp related question. If I have an application on a server
that spews SNMP traps, and there is a Tivoli EP on the server, is there
a way that I an redirect the SNMP traps to flow through the Tivoli
framework? We are in a secure network, and every additional
communication requirement is met with some resistance, so I am trying to
find a workaround for this, instead of having SNMP flow through to the
Gateway (where I would run the TEC SNMP adapter) or to NetView.
Thanks,
Brian
|
|
|