News:

We really need your input in this questionnaire

Main Menu
Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - jmcdole

Pages1
#1
General Support / ICMP polling through Proxy after 5.0.1 upgrade
May 03, 2024, 06:24:23 PM
Good Morning, I updated a ubuntu/mssql based server to 5.0.0 then 5.0.1 and have lost the ability to poll icmp targets through an agent serving as a proxy.

  • Nodes were added through discovery, but also fails on new, manually added nodes
  • The proxy agents are otherwise working (including other subagents like mqtt)
  • I upgraded the agents to 5.0.1
  • I have added and removed proxy nodes from the zone (we have several zones)
  • The only error I see logged on server or agent is "Unable to establish connection with proxy node"
  • I can manually ping from the server where the agent is installed to the other nodes
  • I also checked the database with the dbmgr utility
  • All other aspects, other than icmp, appear to work correctly

Update:  The agent using the proxy is on a windows server, the proxy function works correctly with linux-based agents.

This happened right after the upgrade, so I wanted to flag it here. 

Thank you!
#2
General Support / Re: Agent to Server Tunnel - SSL certificate issues
April 22, 2022, 06:03:37 PM
Excellent, thank you for confirming how this works. 

I am thinking about a SSH tunnel--(it is a windows server on the client side...so not 100% how to maintain/restart automatically the tunnel...). I am glad to hear I can use my own SSL (that might be OK)

I have seen this issue with sites using Palo Alto firewalls.  The firewall vendor claims they are using "deep packet" inspection technology, but I do not think they are terminating SSL, but rather it is just a SSL certificate rule that is rejecting self-signed and expired certificates. 

Thank you again!
#3
General Support / Agent to Server Tunnel - SSL certificate issues
April 15, 2022, 10:02:02 PM
Hello,
I have been successfully using NetXMS for over ten years—thank you for an excellent tool!!

However, I have a couple locations where my NetXMS agents are located behind a firewall that I cannot control—and the firewall is blocking self-signed SSL certificates.  When I try to set up an agent to server tunnel, the agent traffic is blocked from traversing across the firewall to my NetXMS server.

It seems I need to use a commercial Certificate Authority—something I believe is cost prohibitive...and not sure what type of certificate to even ask for.  Has anyone used tunnels without using self-signed certificates?

And, based on how I understand this all working, I also understand the Organizational Unit field has been depreciated in the SSL specs....so, can I even get a commercial CA that will support the requirements of agent to server communication?

Thank you for any insight!!!
#4
General Support / Re: Database Upgrade Fails 3.8.366
May 25, 2021, 03:53:30 PM
This is excellent.  Worked like a charm!

Thank you!
#5
General Support / Web Service Definitions Issue
May 14, 2021, 01:13:37 AM
Good day,

When I am trying to add a Web Service Definition, any entry into the system will cause NetXMS to crash and disconnect the console.  The entry is successfully captured in the database, and the same behavior exists when using the Web Console. 

Has anyone seen this issue?

NetXMS 3.8-314/Ubuntu 20.04

Thank you!
Pages1