Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Firewall

brford

I believe this product will not work if the host is running a personal firewall. Am I correct.

Since it use ping and snmp.

I believe 1/2 our users are running them and would not give us a acurate report.

Find more posts tagged with

ping

SNMP

firewall

Accepted answers

All comments

CS_LIU

I suppose that depends on the FW and your company's current FW policy - are you using CSA or some other centrally managed product ?

bshopp

If both are blocked by firewall, then you could manually manage the IP if you wish. If only SNMP is blocked, we could tell you something resides at that IP, but none of the system details.

brford

afraid not its the wild west EDU world. What would be nice and I have yet found what I am looking

for is a product to pull the arp info out of a router mac table. then log it to a data base. Which would give

the most accurate info then trying to poll or scan a network.

bshopp

Understood, I have that already logged in the system as an enhancement request

brford

Boy if you could get that to work let me know. Then if it could be put into the report form that you

have you would be rockin. Good luck keep us informed. BF

CS_LIU

?? Do you mean switch ??

Routers arp table is only going have entries for a connected networks. The rest relies on routing updates or statics when forwarding packets.

Switch will only have L3 arp entries if it's a layer 3 switch configured with an SVi for the segment you wish to pull info from. Otherwise a layer 2 switch arp table is null but it's mac-address table is stuffed (obviously).

brford

In our environment I would say Router . We are only looking in a few area's
say 3 or 4 routers. We have a 1/2 a class B from there divided into may vlans. You should be able to filter out all the networks that don't care about.
We do not have Layer 3 switches on all of our networks.
Even with a layer 3 switch you would still need a subnet interface on that switch.
If you have many different vlans I would believe you would need a routed IP interface to get the information you would need for each vlan.
We have almost 200 vlans.
If it was a smaller environment a Layer 3 switch will work fine as long as the subnet you are looking has a routed interface on that switch. I could see it would be nice in a Layer 3 switch also.

robertcabiyaan

Hi there,

Need help. I can't seem to get the netflow info from my router behind the firewall. The router at the back of NTU is Cisco 2800 and at the back of router is ASA firewall.

I have checked security configurations of the ASA firewall that would allow 2055 and still nothing.

I have scanned the loggings of both firewalls and no 2055 or anything that would pick up the Netflow from 2800. thanks in advance.

CS_LIU

Robert,

Email me - i should be able to assist

tonyled

i too would like this feature, i did a demo on a product that did this and it was very nice. sadly, the price was not.