Hi All,
I've recently been getting into NetPath and thought I'd share something in the hope that it helps other who end up with the same head scratching issue.
Now, this problem is document by Solarwinds, but it did take me a while to find the document, so thought I'd add something to THWACK too.
After setting up a new NetPath Service to monitor an external partners service on port 443, NetPath worked perfectly and the route was mapped from the Site, over the MPLS, across various firewalls and then to the destination.
So after that success, I moved on to the next service. This next service uses TCP port 8194 and is allowed through all of the Firewalls, so I assumed this would be just as easy.
Unfortunately, instead of seeing around 10 nodes, including the MPLS & Firewalls, it appears that the path jumps from the Firewall in our node site to the destination!
Example - Path Missing Many Hops
After lots of time trying to work out why the our Firewalls were causing this, I stumbled upon this Solarwinds Article: NetPath graph issue: Missing all intermediate nodes - SolarWinds Worldwide, LLC. Help and Support
Credit to Solarwinds, this was a perfect article, albeit not easy for me to find.
The solution was to add an In-Path Bypass rule to the Steelhead at the source Site for traffic from the Solarwinds Node to any destination (this could be made more specific, but I didn't want to add additional admin work for future paths).
In the example, the Agent Node is in New York, so the rule is added to the New York Steelhead with the Source IP being the IP of the Solarwinds Agent Node doing the polling.
Example - Steelhead Rule
After adding this rule, the Path now shows as expected!
It turns out that the paths using HTTPS/443 only worked because the Steelhead is configured to Bypass encrypted HTTPS traffic.