RE: Netmon does not detect connections from or to our Fire wall

[John Mackney <john.mackney@uk.logical.com>]

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

We've already opened up ports 161 & 162 to udp. The remote systems are being
NATed by a router on the far side of the firewall, and the SNMP payload is
being translated by Tivoli CNAT. We can ping all the nodes, and the systems
seem to be sending SNMP events to our NetView server. Its just that the
connections that don't get mapped!!! 

I added the router between the customers router and our firewall to our seed
file, and now that shows up as a managed object - only not connected to
anything else on the map. Is that normal for seed file entries?


John Mackney
Technical Design Authority
Logical eBOC
Logical (UK) Ltd.

Email:      john.mackney@uk.logical.com

 -----Original Message-----
From:   Vince_Rosso@TRANSALTA.COM [mailto:Vince_Rosso@TRANSALTA.COM] 
Sent:   11 May 2001 15:47
To:     IBM NetView Discussion
Subject:        Re: [NV-L] Netmon does not detect connections from or to our
Firewall

 << File: pic25208.pcx >> 

>From the limited experience I've had it could be a number of things.   The
SNMP port has to be open to those networks.   Your network configuration
may also come into play.  If you are doing address translation or if those
networks do not reside in your normal address space then you may require
some static routing on your Netview server or firewall or both.    Just my
thoughts.



                                                                  
 (Embedded                                                        
 image moved   owner-nv-l@tkg.com                                 
 to file:      2001/05/11 08:01 AM                                
 pic25208.pcx)                                                    
                                                                  



Please respond to IBM NetView Discussion <nv-l@tkg.com>

To:   "'nv-l@tkg.com'" <nv-l@tkg.com>
cc:
Subject:  [NV-L] Netmon does not detect connections from or to our Firewall




Netmon has detected the network on our side of our firewall - and with the
help of the netmon.seed file, our customers devices on the far side of our
firewall. However, our map now has two disconnected groups of systems, with
no links showing either the firewall, or the routers on the far side.

We can happily ping and telnet to all the nodes on the other side of the
firewall, but we do not see them in the map. Can anyone say if this is a
firewall problem (ports not opened) or do we need to do something else to
see these connectors.

Thanks

John Mackney

Technical Design Authority

Logical eBOC

Logical (UK) Ltd.

Email:      john.mackney@uk.logical.com

We've already opened up ports 161 & 162 to udp. The remote systems are being NATed by a router on the far side of the firewall, and the SNMP payload is being translated by Tivoli CNAT. We can ping all the nodes, and the systems seem to be sending SNMP events to our NetView server. Its just that the connections that don't get mapped!!!

I added the router between the customers router and our firewall to our seed file, and now that shows up as a managed object - only not connected to anything else on the map. Is that normal for seed file entries?

John Mackney
Technical Design Authority
Logical eBOC
Logical (UK) Ltd.

Email:      john.mackney@uk.logical.com

 -----Original Message-----
From:   Vince_Rosso@TRANSALTA.COM [mailto:Vince_Rosso@TRANSALTA.COM]
Sent:   11 May 2001 15:47
To:     IBM NetView Discussion
Subject:        Re: [NV-L] Netmon does not detect connections from or to our Firewall

 << File: pic25208.pcx >>

From the limited experience I've had it could be a number of things.   The
SNMP port has to be open to those networks.   Your network configuration
may also come into play.  If you are doing address translation or if those
networks do not reside in your normal address space then you may require
some static routing on your Netview server or firewall or both.    Just my
thoughts.

                                                                 
 (Embedded                                                       
 image moved   owner-nv-l@tkg.com                                
 to file:      2001/05/11 08:01 AM                               
 pic25208.pcx)                                                   
                                                                 

Please respond to IBM NetView Discussion <nv-l@tkg.com>

To:   "'nv-l@tkg.com'" <nv-l@tkg.com>
cc:
Subject:  [NV-L] Netmon does not detect connections from or to our Firewall

Netmon has detected the network on our side of our firewall - and with the
help of the netmon.seed file, our customers devices on the far side of our
firewall. However, our map now has two disconnected groups of systems, with
no links showing either the firewall, or the routers on the far side.

We can happily ping and telnet to all the nodes on the other side of the
firewall, but we do not see them in the map. Can anyone say if this is a
firewall problem (ports not opened) or do we need to do something else to
see these connectors.

Thanks

John Mackney

Technical Design Authority

Logical eBOC

Logical (UK) Ltd.

Email:      john.mackney@uk.logical.com