- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- Re: SIM unable to recieve traps from DMZ
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-26-2007 11:59 PM
тАО08-26-2007 11:59 PM
Re: SIM unable to recieve traps from DMZ
We have actually full IP access right now between the servers for testing purposes...but no luck.
Wierd one indeed!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-27-2007 12:24 AM
тАО08-27-2007 12:24 AM
Re: SIM unable to recieve traps from DMZ
Seems so close... yet so far from solution !
Is there any local Security policies etc that may effect traps ?
Or, just wait for a day or more, before U re-install SIM ... see if anyone else has a different view to this.
James.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-27-2007 08:15 AM
тАО08-27-2007 08:15 AM
Re: SIM unable to recieve traps from DMZ
In HPSIM how does the server show up, just as an IP address or as a resolved name?
Also does it show up as a Server type or is it "Unknown" / "Unmanaged"?
I'm really just guessing more around DNS as the issue.
I'm not too sure of how it would happen, but if the trap is apprearing to come from a name or IP address HPSIM knows nothing about there may be an error.
Have you looked at just the "Events" view itself to make sure an event isn't being misreported against another device?
You could event try extracting the data directly from the HPSIM database to see if anything is there.
With the trap watcher utility you use, does that contain details of the Traps suspected origin? Again does that match what HPSIm has recognised as the server?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-27-2007 08:19 PM
тАО08-27-2007 08:19 PM
Re: SIM unable to recieve traps from DMZ
All servers/agents are registered in DNS. At discovery we use the FQDN. The SIM server has all the different domain names in it's search order so it's able to lookup host23 -> host23.somedomain.tld
In SIM it's discovered with FQDN and has the correct hardware (server/model) listed along with the IP.
Yesterday I installed NET-SNMP as the trap listener (instead of Microsofts version) and in the snmptrapd.log I can see the test trap from a DMZ server registered fine (but not in SIM event view). In the log it's registered with only the hostname and not the FQDN (i.e ...[IP Address]...SNMPv2-MIB::sysname.0 = STRING: HOST23 SNMPv2-SMI...). Maybe this is causing problems? We use NAT for DMZ servers so they have an internal IP but SIM server needs to access it on it's external IP. The FQDNs all points to the DMZ servers external IPs.
In the trap, both IPs are listed (internal/external). But if this was a problem, wouldn't the event still show in the all events view?
I have checked the local security policies on the SIM server and they are no different from i.e the eventmanager server. I tried to redirect the snmp trap directly from the DMZ server to the eventmanager (not to SIM server first) and it worked fine. The eventmanager is on the same subnet as the SIM server.
pew, as a workaround I guess I could have all DMZ agents using NAT to trap directly to the eventmanager?! Still, it would be nice to have the SIM do all the trap forwarding to be consistent.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-28-2007 01:38 AM
тАО08-28-2007 01:38 AM
Re: SIM unable to recieve traps from DMZ
It sounds like the traps from the DMZ servers are not sending back the matching information for a server in the SIM database. Therefore, SIM does nothing with the trap that it receives. Have you tried deleting the server record and done a manual discovery of one of the DMZ servers?
You might also try a manual discovery by the NAT IP address and then test the traps again. These steps should eliminate or confirm a NAT / DNS issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-28-2007 01:56 AM
тАО08-28-2007 01:56 AM
Re: SIM unable to recieve traps from DMZ
It's not possible for the SIM server to reach the DMZ servers using NAT/PAT on their internal IPs, only their respecive external IPs.
It's unfortunate that SIM is having a hard time to cope with this setup. I have therefore decided to let all agents trap directly to the eventmanager instead, but to have SIM for configuration and hardware problem management.
Thanks all for your input, it's much appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-28-2007 08:11 AM
тАО08-28-2007 08:11 AM
Re: SIM unable to recieve traps from DMZ
In the Event Filter settings you can Accept Unregistered Events. But looking at the screen further and it seems to be about accepting traps from discovered devices. In effect HPSIM is getting traps from undiscovered devices.
Is the subnet range for the internal Nat'd addresses in the Discovery range? Maybe the fix is to try and get HPSIM to discover these devices on the same address range as the traps are appearing to originate.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-28-2007 06:16 PM
тАО08-28-2007 06:16 PM
Re: SIM unable to recieve traps from DMZ
I'm not able to discover the Nat'd addresses from the SIM server. We have to use their external IPs in current setup.
Thanks
-tsl-
- « Previous
-
- 1
- 2
- Next »