This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Stuck in migrating DMZ nodes to new polling engine

kumar07 over 4 years ago

Hello Eveyone,

I am new to Solarwinds, need your help to migrate DMZ's to new additional pilling engine. Before that i have opened port 22, 161,162, 17778,17777 in DMZ end towards new additional polling engine also SNMP configured for new server still i'm not able to migrate DMZ's to new additional polling engine. While doing every time getting SNMP test failed error. Please add your view in this, it will be great helpful for me .

Thanks in advance.

0 mesverrum over 4 years ago

If you are using snmp it requires port 161 initiated from the poller into the dmz. Another possibility is that most snmp devices have a white list of allowed hosts that they will respond to, so your new poller needs to be on that list.
Cancel
Vote Up 0 Vote Down

Cancel
0 kumar07 over 4 years ago in reply to mesverrum

mesverrum Thanks for you response,
I ahve checked with security team port 161 has been enabled.
Cancel
Vote Up 0 Vote Down

Cancel
0 kumar07 over 4 years ago in reply to kumar07

Can anyone help me in this .
Cancel
Vote Up 0 Vote Down

Cancel
0 kumar07 over 4 years ago in reply to kumar07

mesverrum can you please help me out on this.
Cancel
Vote Up 0 Vote Down

Cancel
0 mesverrum over 4 years ago in reply to kumar07

There's not much we can do for you from here. You send snmp requests through and they send responses on port 161. Make sure your server can route to the IP, make sure the firewall is allowing traffic through, make sure you have the correct community string.
Have you run a wireshark packet capture to confirm what is actually happening on the wire when you run those test polls?
Cancel
Vote Up 0 Vote Down

Cancel
0 sum_giais over 4 years ago in reply to mesverrum

kumar07 - to reiterate here as well... a pcap of the traffic can go a long way in determining the problem here.
Also in general as well, it's good to note the protocols (tcp or udp) and direction (inbound, outbound, or bidirectional)... being in relation to the polling engine of the traffic. Below is a link to the Core SolarWinds port requirements.
https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/core-solarwinds-port-requirements.htm
Cancel
Vote Up 0 Vote Down

Cancel
0 kumar07 over 4 years ago in reply to sum_giais

sum_giais
What we have previous set up or ports open for old polling engine I have done the same thing for new polling engine as well and traffic has been allowed (source to destination) from firewall to new polling engine no luck i'm unable to migrate to new polling its showing test failed.
Cancel
Vote Up 0 Vote Down

Cancel
0 brscott over 4 years ago in reply to kumar07

Is the node being monitored by SNMP or Agent? (NOTE: if you are using the agent it's still possible to provide snmp credentials, but the answer to this question is still "agent")
IF it's the agent is it Server initiated or Client initiated?
Are you changing to:
1) an additional polling engine in the same Orion environment,
or
2) is this a completely new installation of Orion and a new main polling engine
Cancel
Vote Up 0 Vote Down

Cancel
0 kumar07 over 3 years ago in reply to brscott

brscott Yes, the nodes are monitoring through SMNP.
Yes, this is a new additional pilling engine introduced in same orion environment.
Cancel
Vote Up 0 Vote Down

Cancel
0 sum_giais over 3 years ago in reply to kumar07

Have you verified that the traffic is indeed not getting blocked by any firewall by doing packet captures? Either by a hardware firewall in the network path or by an ACL in place on the device you're trying to monitor? E.g. windows firewall settings etc.?
Look at everything on the old polling engine, and the new polling engine, and the device you're monitoring as well to find what is different. Firewall settings, network settings, ACLs etc.etc. etc.
Cancel
Vote Up 0 Vote Down

Cancel