Monitoring Remote Networks

Started by jcarter1208, August 22, 2018, 06:53:15 PM

Previous topic - Next topic

jcarter1208

I need some serious help with monitoring remote networks. Here is what I have so far:

- Zones are enabled
- Containers for each of my clients

We are currently monitoring all Sonicwall Routers via the WAN IP address. By default it also pulls the config for the router which includes the LAN side. As of right now all of this is in the Default Zones group. I would like to monitor switches and servers at each site, which is where I need some assistance. What is the best way to accomplish my goal?

I tried to port forward ports 4700 and 161 to a switch at one location and then set that switch node to go through a proxy of the Sonicwall but it did not work. So can someone break it down for me on how they have it setup and any recommendations?

Thanks,

StanHubble

Are you able to put an agent on a server at the remote sites? (or any device that will take an agent and not be turned off).
If you can, then set up agent tunnels to your netxms server (you will have to open a port forward on your local edge device to your netxms server).  You will need to configure a certificate on you netxms server to get these phonehome tunnels working.  Once those tunnels are available you can then set the node that the agent is bound to in a given zone. Set it as the proxy in that zones' communications settings.  This sets all communications for any device  in that zone to go through that node.

I have about 450 zones set up this way with over 10000 nodes (mostly auto discovered).  Now most of these nodes I don't care about, other than that they are there. (ie what is plugged into what port on a managed switch).  I initially tried it with forwarded ports at the remote locations but that proved to be generally unworkable with dynamic isp connections and edge routers that we did not have access to.

Good Luck with your setup.
stan

jcarter1208

Ok, So once I have my agent up and going on a server. How do I get to monitor the rest of the devices? Especially my Router/Firewall?

Tursiops

Configure the NetXMS agent on the server as a proxy.
Ensure the firewall is configured to allow SNMP connections from that server agent's IP address.
Place the server and firewall in the same zone in NetXMS.
Configure the server node in NetXMS as the communications proxy for that zone.

That should allow you to poll the firewall via the server.
You can add switches into that zone as well and they'll be polled via the server agent.