As i am not much Cacti guru i would like to ask for an advice. Situation is as following, we have 2 separate networks [large private VPN]. Cacti server is inside one a monitoring like 1200 devices. There is need to monitor another 60 devices but they are in another VPN so only connection can be made through jump server. [only way from one VPN to another and back].
Question is: Do we have to build another Cacti server outside network or can we somehow use that jump server as "forwarding machine" and pool the devices with existing Cacti? Something like pooling over ssh or something like that:
[cacti server ---fw/switches/routers--- jump server --- fw/switches/routers ---private network--- devices]
Can be "all behind the pooling cycle" forwarded? Isnt there a limitation of 300 seconds for pooling cycle[spine] ? So if we cant make it in less than 300 seconds pooling will fail. I do not have much info about this as this is only a concept... Thx for opinions?
Idea of pooling devices through "jump server"
Moderators: Developers, Moderators
Idea of pooling devices through "jump server"
Last edited by MI1 on Thu Mar 07, 2013 10:26 am, edited 1 time in total.
Re: Idea of pooling devices through "jump server"
So it should be technicaly possible if:
-every network device [firewall, switch, router] in the way from Cacti server to another VPN will be configured to:
a] allow spine to pool devices in less than 300 seconds, I guess that this would include SNMP protocol to go through and reach port 161 on the devices. But what should be for example firewall exception for source port? Only 161 UDP is enought?
b] allow network devices to respond to SNMP query on the same port than request was received. Right?
Missing something?
-every network device [firewall, switch, router] in the way from Cacti server to another VPN will be configured to:
a] allow spine to pool devices in less than 300 seconds, I guess that this would include SNMP protocol to go through and reach port 161 on the devices. But what should be for example firewall exception for source port? Only 161 UDP is enought?
b] allow network devices to respond to SNMP query on the same port than request was received. Right?
Missing something?
Who is online
Users browsing this forum: No registered users and 0 guests