I have a few workers who work from home and we have sent them Cisco 857s and we have them up and on an IPSec VPN back to HQ. I set up these sites to be monitored in Orion (we just recently installed Orion 9.1.0) and I'm having some problems with monitoring these sites since they have a dynamic IP from the LEC. I've got it mostly working now but there are still some problems so I'm hoping someone can show me a better way to monitor sites like these. So I setup the Cisco 857 to update it's ip address with dynDNS.com every time the IP on the ADSL interface (Dialer0 in the Cisco world) changes. I then created a new node in Orion and used the FQDN instead of an IP as the address of the node and then clicked the check box labeled "Dyanimic IP Address (DHCP or BOOTP)"..It worked, discovered the router and I setup SNMP to monitor some other elements. So here's the issue, I've been testing with a unit that has an AT&T Adsl line with a dynamic IP and it changes every time I reboot (which is actually helpful for testing). When I shut the router down Orion reacts and shows it as down. When it boots back up, it gets a new IP, updates dynDNS and Orion sees it come back up. Great, right? The problem is SNMP no longer works. It seems like the pinger runs to the FQDN but the SNMP settings are stored when you first discover the node, so the pinger picks up the new IP address by using the FQDN but if I go into node details the IP address listed is the old IP. I thought maybe there was a poller or updater running so maybe SNMP would update after some time interval but I waited 24 hours and its still the old IP. Am I doing something wrong? Has anyone made this scenario work? Any help would be appreciated since we send our home office workers PCs which we support so we run nightly backups and updates, so we have to monitor these locations and need to be aware if they go down. I know we could order static IPs but we have over 30 of these guys and they are all with different providers and it will increase the cost to go to a static IP so I would really prefer to find a way to make all this work with a dynamic IP...Thanks.
If you are building a VPN tunnel why not add a loopback with a static IP address (192.168.x.x/172.16.x.x/10.x.x.x) and monitor that way?
That will work for some, and I'm going to use that for those sites, thanks! Some of thes sites are running the Cisco VPN client from their desktop so ther is no VPN connection terminted onthe router. I would think there would be a way in Orion to update the IP for SNMP based on the FQDN. Something I noticed that is interesting in the event log, the IP address is getting updated correctly and then immediately getting re-assigned back to the old IP...Here's a sanitzed export from the log:
11/13/2008 03:13 PM IP Address of attdsl.selfip.org changed from 220.127.116.11 to 18.104.22.168
11/13/2008 03:13 PM IP Address of attdsl.selfip.org changed from 22.214.171.124 to 126.96.36.199
11/13/2008 03:07 PM IP Address of attdsl.selfip.org changed from 188.8.131.52 to 184.108.40.206
11/13/2008 03:07 PM IP Address of attdsl.selfip.org changed from 220.127.116.11 to 18.104.22.168
11/13/2008 03:01 PM IP Address of attdsl.selfip.org changed from 22.214.171.124 to 126.96.36.199
11/13/2008 03:01 PM IP Address of attdsl.selfip.org changed from 188.8.131.52 to 184.108.40.206
So I changed the IPs from the log so that 220.127.116.11 is the old IP and 18.104.22.168 is the updated (correct) IP. So I can see that Orion is actually updating the IP correctly like every 6 minutes and then it immediately changes the IP back to the old (wrong) IP. Any ideas?
Same problem here.
I have built a custom ddns soluiton that updates the hosts file of my solarwinds server every couple of hours. Every few minutes Orion "changes" the IP address of dynamic hosts even though they have not changed in the hosts file.
Did you open a support ticket and if so what happened to resolve the problem?
Its a totally different approach but -
The wan side changes and that's a problem, but if you set each of the inside subnets differently (1st user has 192.168.1.0, 2nd user on 192.168.2.0 etc) & then you can monitor the more controllable insides.