Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
526
Views
10
Helpful
4
Replies

Monitor

georgeef1
Level 1
Level 1

‎08-12-2009 11:07 AM

Hi,

We have a monitoring tool at our host site. We need to be able to monitor

devices at a remote site that are not accessible directly from our host site. We have a router at the remote site that is accessible by the host site monitoring tool. The remote

router is able to access the remote device that we need to monitor. The desire is for an SNMP request to be requested by the host tool and for the remote router to receive the request and in turn direct to the devices internal to that remote router and return information to the tool at the host site. I am not sure if this is possible. If so what if anything needs to be configured on the remote router.

Thanks

Labels:
0 Helpful
4 Replies 4

Joe Clarke
Cisco Employee
Cisco Employee

‎08-12-2009 12:23 PM

This kind of proxying is not supported by IOS. But what you might consider instead is a VPN tunnel which terminates on your remote router, and allows you to reach the remote devices. The advantage of this approach would be extra security.

That said, there is a feature coming in Embedded Event Manager 3.1 which will allow one to write policies to intercept SNMP messages. You could probably develop an application which would do what you want. EEM 3.1, however, is still a few months out at least.

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to Joe Clarke

‎08-12-2009 12:50 PM

I assumed you've already ruled out NAT as a possibility, but certainly if you could do static NAT on the remote router, that could work. That is, map the inside devices to externally reachable NAT'd addresses. There are some caveats when using SNMP though NAT, though. You will not see any of the IP addresses embedded in SNMP PDUs translated. They will all appear as if they were internal.

georgeef1
Level 1
Level 1
In response to Joe Clarke

‎08-13-2009 12:10 PM

Hi jclarke,

NAT would not work because of the limited number of public IP addresses.

I don't think VPN would work. We intentionally keep these on the “outside” of our network.

I think I read a little about EEM. From what I read it sounded as though it would perform an action based on traps which wouldn't work for us either.

Can you please suggest anything about proxy ping? I ran across this when searching for snmp proxy. It would be helpful to at least know when the devices are not reachable.

Thanks

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to georgeef1

‎08-13-2009 12:26 PM

This you could do with IPM. That is, set up IP SLA ICMP echo collectors on your reachable remote router. Have those collectors ping the internal target devices. You can then run reports in IPM to look at latency and availability.

To do this, add the IP addresses of the internal devices as adhoc targets under IPM > Collector Mgmt > Devices. Then, go to Collectors, and add collectors choosing your remote router as a source, and the adhoc targets as targets. For operation, choose Echo > DefaultIpEcho.

There is another option using the CISCO-PING-MIB, but there are no hooks in LMS for configuring it, and I think using IPM might be a better solution for you.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card