HPE Community
Server Management - Systems Insight Manager
1826493 Members
3911 Online
109692 Solutions
New Discussion

Re: HPSIM can´t see servers through firewall

 
Johan Fondin
Occasional Contributor

‎11-21-2005 02:07 AM

‎11-21-2005 02:07 AM

HPSIM can´t see servers through firewall

I have an issue where three servers on a customer´s DMZ aren´t regognised by HP SIM. The servers are Proliant DL380 G3/G4 with Windows 2003 SP1 and SP 7.30 or 7.40, they run IIS and SQL-server as well. They are configured correctly regarding SNMP and so on, certificates are installed and working.
The servers are detected as "Servers" by HP SIM but VCA, MP and model etc. are not detected. clicking the "HW" icon takes me directly into the "SMH" of the servers so the certificates are working as well. In the firewall ports 161, 280 2301, 2381 are open in both directions for the HP SIM server IP-address. Customer is running HPSIM 5.0 SP2.
Has anyone else seen this?

Regards /
Johan
0 Kudos
Reply
4 REPLIES 4
David Claypool
Honored Contributor

‎11-21-2005 03:48 AM

‎11-21-2005 03:48 AM

Re: HPSIM can´t see servers through firewall

Have you referenced 'Managing HP servers through firewalls with HP Systems Insight Manager 5.0' from http://www.hp.com/go/hpsim --> Information Library?
0 Kudos
Reply
Johan Fondin
Occasional Contributor

‎11-21-2005 06:51 PM

‎11-21-2005 06:51 PM

Re: HPSIM can´t see servers through firewall

Thank you for the prompt reply!

In answer to your question, yes, I´ve read the document and as far as I can tell followed the instructions in there.
The HPSIM server is in the customer´s network and the servers being managed are on the "outside" in the DMZ. The ports open in the firewall are 161, 280, 2301, 2381.
I´ve tried to "Discover" the servers several times and also deleted them from SIM and added them again but the issue remains.

Regards/
Johan
0 Kudos
Reply
NJK-Work
Honored Contributor

‎11-22-2005 09:37 AM

‎11-22-2005 09:37 AM

Re: HPSIM can´t see servers through firewall

Johan,

When you say "SNMP" is configured correctly, could you elaborate? You need to make sure the IP address of the SIM server is listed in the "Accept SNMP packets from these hosts" section if you have the option enabled.

Just wanted to make sure you have that set correctly. You probably already do - but that has nailed me before, so I wanted to check.

Nelson
0 Kudos
Reply
Ferry Steenvoorde
Valued Contributor

‎11-22-2005 07:17 PM

‎11-22-2005 07:17 PM

Re: HPSIM can´t see servers through firewall

You are nearly there with the ports on the firewall. You need:
80/443 ILO-board/Management Processor
161 SNMP
162 SNMP TRAP
280 Status update (for software install jobs etc.)
2301 HTTP SMH
2381 HTTPS SMH
ICMP Ping echo/reply from HPSIM to Managed System

If the SMH shows up, the 2301/2381 ports are configured correctly.
Your Management Processor/ILO-board is only recognised if its IP-address is in the ranges for Automatic Discovery.
Hardware is recognised by using SNMP. I've got some servers here with ancient Compaq agents. They are (yet) unable to support an SMH, but will show a complete hardware inventory because during discovery SNMP is able to identify all hardware.

Of course you should verify if your DMZ-servers are accepting SNMP-traffic from any machine (default), or that it is restricted to selected IP-addresses. And the SNMP-community name should be the same as the one used on the HPSIM-server.
Remember the SNMP-protocol originates from the UNIX-world. Community-names are case-sensitive!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.