cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

Stuck in migrating DMZ nodes to new polling engine

Hello Eveyone,

I am new to Solarwinds, need your help to migrate DMZ's to new additional pilling engine. Before that i have opened port 22, 161,162, 17778,17777 in DMZ  end towards new additional polling engine also SNMP configured for new server still i'm not able to migrate DMZ's to new additional polling engine. While doing every time getting SNMP test failed error. Please add your view in this, it will be great helpful for me .

 

Thanks in advance.

0 Kudos
10 Replies

If you are using snmp it requires port 161 initiated from the poller into the dmz. Another possibility is that most snmp devices have a white list of allowed hosts that they will respond to, so your new poller needs to be on that list.
- Marc Netterfield, Github
0 Kudos
Level 7

@mesverrum Thanks for you response, 

I ahve checked with security team port 161 has been enabled.

0 Kudos
Level 7

@mesverrum can you please help me out on this.

0 Kudos

There's not much we can do for you from here.  You send snmp requests through and they send responses on port 161. Make sure your server can route to the IP, make sure the firewall is allowing traffic through, make sure you have the correct community string.

Have you run a wireshark packet capture to confirm what is actually happening on the wire when you run those test polls?

- Marc Netterfield, Github
0 Kudos

@kumar07 - to reiterate here as well... a pcap of the traffic can go a long way in determining the problem here.

Also in general as well, it's good to note the protocols (tcp or udp) and direction (inbound, outbound, or bidirectional)... being in relation to the polling engine of the traffic. Below is a link to the Core SolarWinds port requirements.

https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/core-solarwinds-port-re...

0 Kudos
Level 7

@sum_giais 

What we have previous set up or ports open for old polling engine I have done the same thing for new polling engine as well and traffic has been allowed (source to destination) from firewall to new polling engine no luck i'm unable to migrate to new polling its showing test failed.

0 Kudos
Level 12

 Is the node being monitored by SNMP or Agent? (NOTE: if you are using the agent it's still possible to provide snmp credentials, but the answer to this question is still "agent")

IF it's the agent is it Server initiated or Client initiated? 

Are you changing to:

1) an additional polling engine in the same Orion environment,

or

2) is this a completely new installation of Orion and a new main polling engine

 

0 Kudos
Level 7

@brscott Yes, the nodes are monitoring through SMNP.

Yes, this is a new additional pilling engine introduced in same orion environment.

0 Kudos

Have you verified that the traffic is indeed not getting blocked by any firewall by doing packet captures? Either by a hardware firewall in the network path or by an ACL in place on the device you're trying to monitor? E.g. windows firewall settings etc.?

Look at everything on the old polling engine, and the new polling engine, and the device you're monitoring as well to find what is different. Firewall settings, network settings, ACLs etc.etc. etc.

0 Kudos
Level 7

Can anyone help me in this .

0 Kudos