NETGEAR NMS100 Snmp Device Access Control List, Firewalls Block Snmp Operations, Not Enough Seeds

Page 52

Reference Manual for the ProSafe Network Management System NMS100

SNMP Device Access Control List

Many SNMP devices have an Access Control List (ACL). An ACL is a list of IP addresses from which the device accepts SNMP requests. This is a vendor-specific security feature that is configured at the device using a terminal or Telnet session. At a minimum, you need to go to each Discovery Seed device and check if it has an ACL and that your ProSafe NMS system address is in the list. For complete network discovery you must add your system address to any ACLs in your network.

Firewalls Block SNMP Operations

Many networks use firewall devices to stop unauthorized intrusions. It is very usual for firewalls to block SNMP traffic because SNMP operations can shut down and reconfigure devices. If you have any firewalls in your network you need to make sure that your ProSafe NMS system can send and receive SNMP operations through the firewalls. This is normally done with a protocol filter in combination with an Access Control List (ACL). Firewall configuration is done with a terminal or Telnet session.

Not Enough Seeds

ProSafe NMS uses a combination of downloaded seed device information (address, routing, ARP tables) and broadcasts to discover devices. However, many devices inhibit broadcasts to networks outside of your LAN (subnet directed broadcasts). To get around this problem you need to add more seed addresses for routers around your network.

1.Use the Config/Discovery-Polling menu.

2.Select your system address in the agents list.

3.Click the Seeds tab.

4.For each new seed, enter the IP Address and Subnet mask in the supplied edit boxes and click Add.

5.Click the General tab and then the Restart button.

6.Click the OK button. There is no need to reset the map in this case.

5-4	Troubleshooting and Advanced Configuration

September 2004 202-10058-01

Image 52

Contents September 2004 NETGEAR, IncStatement of Conditions TrademarksCustomer Support World Wide Web Contents Chapter Data and Statistics Appendix a Contents Typographical Conventions Audience, Scope, Conventions, and FormatsManual Scope Other ProSafe NMS Features OverviewDevice Access Modes ProSafe Network Management SystemSystem Requirements Recommended system requirementsPackage Contents Introduction Introduction Chapter Installation and Startup Installing the ProSafe NMS Server and Local ConsoleInstalling the Air Messenger Pro Paging Software Starting the ProSafe NMS Server and Local ConsoleStarting a Local Console Session Disabling Automatic Console LoginStopping and Starting the Server Console Elements Main button bar Edit button bar Selection ToolEvent Log Tool Element FunctionConsole Button Commands Zoom toSelection Tool Event Log ToolSelection Tool tabs Selection Tab DescriptionView Window Area Installation and Startup Working with the Map Database Map Selection TreeUsing Map View Windows View All Zoom OutZoom RectangleMoving Map Objects Moving Objects at the Root LevelMoving Objects Inside Subnet Levels Automatically arranged and manually arranged submap levelsMoving Objects from One Subnet to Another Changing Object Properties AttributesObject Properties Access tab Access ParametersAttribute Name Description Type-Dependent Attributes Object Properties Attribute tab Object Attribute Name Description Type aObject Types Adding Map ObjectsType Description MIB Selection Tree Viewing Device MIB DataManage Menus Table Display Elements Custom MenusGraph Display Elements Graph StylesSaving Long-term Statistics Creating a New ReportViewing Trend Data in a Graph Window Limiting Saved Instances Threshold Alarms Setting Threshold AlarmsAlarm Type Description Setting Status Variable Polling Configuring Automatic AlarmsSetting Manual Threshold Alarms Discovery of Four Built-in Services Polling TCP Application ServicesTCP Service Polling Custom TCP Service Polling Managing Polling for the DeviceEmailing or Paging the Administrator on an Event To modify an existing Custom TCP Service definitionThen, set the Email/Paging global event options Add an Event Filter for the pollDeviceDown event Then, set the Email/Page event actions ProSafe NMS Events Other Event TypesEvent Subtree Trap Name Description Emailing or Paging Multiple Users First, add a grouped set of usersThen, add an Event Filter for the selected devices Duration of Network Discovery Troubleshooting Network DiscoveryNormal Discovery Map Layout Failure Symptoms and Solutions Sample top-level and Subnet Map views for a small networkDiscovery Agent Fails to Connect to the Server Incorrect or Missing Community NamesFirewalls Block Snmp Operations Snmp Device Access Control ListNot Enough Seeds Broadcast Packet Losses Setting Up New FiltersLimiting the Scope of Discovery Stopping Discovery Auto-Layout Event Parameters Event ParametersEvent Description Parameters Set Community name of the target device List of Glossary Terms Auto Uplink Denial of Service attackCat Dynamic Host Configuration Protocol Domain Name DoSIP Address GatewayInternet Protocol Lightweight Directory Access Protocol Local area networkMAC address MbpsNetBIOS Network Address TranslationPacket Perfect Forward SecrecyPPPoE PPP over ATMPPP over Ethernet RouterSubnet Mask Wi-Fi Windows Internet Naming Service Universal Plug and PlayWEB Proxy Server Wide area networkWireless Network Name Ssid Index Index Index