Huawei Router Configuration Polls Fails

Started by Mazhar Bokhari, January 14, 2021, 04:08:10 PM

Previous topic - Next topic

Mazhar Bokhari

I have added Hauwei router in NetXMS. Status poll works fine but configuration poll fails due to SNMP error. SNMP is working fine on the router because I have added same router  in another NMS and it is polling fine.

Help will be highly appreciated.


Filipp Sudanov

Are you monitoring any other SNMP devices (just to exclude general server problem regarding SNMP like closed ports on firewall)?

Check SNMP version in node properties and community string. Try doing Full configuration poll. If there were problems communicating with node via SNMP when the node was added, netxms will not set isSNMP flag and will not try communicating via SNMP. This flag can be visible in Object Details on the right-hand-side under Capabilities.

Mazhar Bokhari

Yes I am monitoring other devices on NetXMS like cisco switches and desktop machines and they are working fine, Even the same Huawei router which is not showing SNMP information on the NetXMS server is working fine on the other NMS. Polling all the information very fine.
I have checked the SNMP version and community string everything is fine.

Configuration Polling Request Output for your reference.

[15.01.2021 12:10:10] Starting configuration poll for node DC Primary Router
[15.01.2021 12:10:10] Checking node's capabilities...
[15.01.2021 12:10:10]    NetXMS agent polling is disabled
[15.01.2021 12:10:10]    Checking SNMP...
[15.01.2021 12:10:24]    No response from SNMP agent
[15.01.2021 12:10:24]    Checking EtherNet/IP...
[15.01.2021 12:10:25]    Cannot establish EtherNet/IP connection or get device identity (CONNECT FAILED)
[15.01.2021 12:10:25] Capability check finished
[15.01.2021 12:10:25] Checking interface configuration...
[15.01.2021 12:10:25] Unable to get interface list from node
[15.01.2021 12:10:25] Interface configuration check finished
[15.01.2021 12:10:25] Checking node name
[15.01.2021 12:10:25] Node name cannot be interpreted as valid IP address, no need to resolve to host name
[15.01.2021 12:10:25] Updating general system hardware information
[15.01.2021 12:10:25] Finished configuration poll for node DC Primary Router
[15.01.2021 12:10:25] Node configuration was not changed after poll
[15.01.2021 12:10:25] **** Poll completed successfully ****



Filipp Sudanov

Note these lines in configuration poll:
[15.01.2021 12:10:10]    Checking SNMP...
[15.01.2021 12:10:24]    No response from SNMP agent

For some reasons netxms is not able to receive response from that router. There are two options:
- problems with network/firewall/etc so that packets are not getting to where they should
- this router does not understand the way how netxms created SNMP request and does not reply.

I would suggest capturing communication between netxms and this router using tcpdump or Wireshark. If you need help in doing that, please inform, if your netxms is running on linux or windows.

Mazhar Bokhari

Thanks, Yes I need your help in capturing communication between NetXMS and the router.
I am using a Windows machine for NetXMS.


Mazhar Bokhari

Hi Filipp,

Please find the attached communication snap between the router and the NetXMS server.

Thanks,
Mazhar

Mazhar Bokhari

More Snaps for better understanding.

Mazhar Bokhari


Filipp Sudanov

TCP connection to port 44818 happens on the next step of configuration poll - that's an attempt to connect via Ethernet/IP protocol. It's a protocol used in industrial devices. Your router is answering with RST - it says that this port is closed. This is normal.
The part related to SNMP is above. You can see that NetXMS is sending SNMP request that have three OIDs in it - 1.3.6.1.2.1.1.2.0 and so on. The is no reply, so the request is being repeated multiple time.

It could be that the router does not like that three OIDs are requested simultaneously. You can try turning on server configuration parameter SNMP.Discovery.SeparateProbeRequests, then only one OID will be requested at a time.

Mazhar Bokhari

I have enabled SNMP.Discovery.SeparateProbeRequests parameter and restarted the server service but no luck.

:'( :'( :'(

gokiwi

Would you not have to add the non standard snmp ports to the snmp configuration under Network Credentials ?

Filipp Sudanov

Are you sure that the other monitoring software is using exactly SNMP, not some proprietary protocol? Does it use standard SNMP port?
You can try capturing communication of that software to the router with Wireshark and compare what network packets it's actually sending.

also you can try getting some data via SNMP using snmpget package from netsnmp software https://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.5-binaries/net-snmp-5.5.0-2.x64.exe/download

Mazhar Bokhari

The problem is fixed now by permitting server IP in ACL on the router for accepting the SNMP queries.

Thank You Filipp.