reamd@Nationwide.com writes:
> Hi All,
> I have discovered some Cisco PIX boxes on my Netview server and
> firewalls are blocking snmp. The problem is, the nodes continually go red -
> green - red - green. Any suggestions on how I can get them to only go red
> when there is an actual problem.
NetView just calls em as it sees em--if it gets no response to a ping,
the box is down.

Check with the firewall policies--it's possible that there's a rule
set up that is rejecting ICMP messages in some pattern. This would
make NetView think the device is down (since it has no other way of
knowing). You can try having a rule pushed to the PIX that allows the
IP of your NetView to ping without restriction.

Short of that, you could employ a correlation rule in a ruleset with
interface down that requires two successive ping failures within a
given time window before generating the node down alert. There is an
example of this in one of the sample rulesets in the ruleset directory
and mentioned in the manual, I believe. It uses a "reset on match"
node.
Best Regards,
--
Todd H.
http://www.toddh.net/
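
The correlation logic described in the reply above, sketched as an added example (not part of the original message and not NetView ruleset syntax): a node-down alert is raised only after two successive ping failures inside a time window, and a successful ping resets the pending failure. Node names, poll times, the 600-second window and the `correlate` function are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed poll results (seconds, node, ping answered). Not real NetView output.
Poll = namedtuple("Poll", "t node ok")

SAMPLE = [
    Poll(0, "pix-a", True),
    Poll(300, "pix-a", False),   # isolated miss, e.g. ICMP dropped by a firewall rule
    Poll(600, "pix-a", True),    # success clears the pending failure
    Poll(900, "pix-a", False),   # another isolated miss
    Poll(1200, "pix-a", True),
    Poll(0, "pix-b", True),
    Poll(300, "pix-b", False),   # first miss: held, no alert yet
    Poll(600, "pix-b", False),   # second successive miss inside the window
    Poll(900, "pix-b", False),   # already down: no repeat alert
    Poll(1200, "pix-b", True),   # recovery
]

def correlate(polls, window=600):
    """Return (time, node, state) alerts; DOWN needs two successive
    failures no more than `window` seconds apart."""
    pending = {}   # node -> time of the first unanswered ping being held
    down = set()   # nodes currently reported down
    alerts = []
    for p in sorted(polls, key=lambda p: p.t):
        if p.ok:
            pending.pop(p.node, None)          # reset on a good reply
            if p.node in down:
                down.discard(p.node)
                alerts.append((p.t, p.node, "UP"))
            continue
        if p.node in down:
            continue                           # suppress duplicate DOWN alerts
        first = pending.get(p.node)
        if first is not None and p.t - first <= window:
            down.add(p.node)
            del pending[p.node]
            alerts.append((p.t, p.node, "DOWN"))
        else:
            pending[p.node] = p.t              # start (or restart) the hold
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```

With the constructed data, pix-a (which only ever misses single polls) never alerts, while pix-b produces one DOWN and one UP.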