NetXMS Support Forum

Hi,

I'm trying to use the Mikrotik agent using containers using theses instructions: https://github.com/alkk/netxms-agent-mikrotik

I've managed to run the container by building the docker image manually (my mikrotik RB1100Hx4 were arm and not arm64), and I've setup DNAT for redirecting ports tcp 4700 and udp 161 from NetXMS server to the container.   Mikrotik IP address is 10.1.99.1/24 on management interface, 172.17.0.1/24 on container bridge, and container ip is 172.17.0.2/24. I want to use agent as remote proxy node for monitoring of 10.1.99.0/24 nodes behind the mikrotik router (container can ping these devices).

Agent is seen in NetXMS and snmp is working, but I cannot use it as a proxy agent. I've tried to create a new zone, placed the mikrotik agent node in it, and define it as the proxy node for this zone. Then I've added the 10.1.99.0/24 subnet in active discovery settings, select the new zone and define my mikrotik agent as proxy node, but the scan doesn't discover any devices.

Am I doing something wrong? 

Port 161 is probably not needed - is there anything inside the container that listens to it? Anyways, if there is - agent should be able to work as a proxy for the node where it is running.

For proxying - you need to have:
EnableProxy=yes
EnableSNMPProxy=yes
SubAgent=ping
SubAgent=ssh            # optional, only if you want to use ssh monitoring
in configuration of the agent

Is agent able to send ICMP requests - you can try collecting Icmp.Ping(1.2.3.4) metric from that agent

You can also try operation without network discovery - by adding a node for a device in that zone and manually specifying that proxy in properties of the node.

There is my agent config, ping/ssh subagents and enableProxy/enableSNMPProxy were already on:

LogFile={stdout} # or file name, might want to mount a volume for this
DebugLevel=0 # 0-9
MasterServers=0.0.0.0/0 #list of NetXMS servers with full access
#ControlServers=... # list of NetXMS servers with read+execute actions access
#Servers=... # list of NetXMS servers with read-only access
SubAgent = linux.nsm
SubAgent = ecs.nsm
SubAgent = filemgr.nsm
SubAgent = ping.nsm
SubAgent = logwatch.nsm
SubAgent = mqtt.nsm
SubAgent = netsvc.nsm
SubAgent = portcheck.nsm
SubAgent = ssh.nsm
SubAgent = mqtt.nsm
#SubAgent = winperf.nsm
#SubAgent = wmi.nsm
#SubAgent = ups.nsm

EnableProxy = yes
EnableSNMPProxy = yes
EnableSNMPTrapProxy = yes
EnableSyslogProxy = yes
EnableTCPProxy = yes
You're right, I didn't need the 161 NAT rule, I've dropped it. 

But still, I've tried both things:
  - creating an icmp.ping metric to a node that container can actually ping => the metric status is in ERROR state
  - adding manually a node, put it in the zone, then defining my mikrotik container agent node as a proxy for ICMP and SNMP => in the status poll logs I can see "Starting ICMP ping via proxy", followed by "Node is still unreachable"