Not sure what happened, but it looks like after one of the recent firmware updates, we can't launch ntop anymore.
Clicking the "Details" button pops up a blank window with the "Add" and "Cancel" button. Clicking "Add" doesn't do anything since ntop is already installed.
I have not yet tried to Remove ntop and then reinstall it, but, wanted to leave it like this in case someone would like to take a look to see what may have caused the issue. it's not a browser issue as the problem is visible on other machines with different browsers (IE/Firefox).
Hi Jas, I just tried with Firefox, NTOP showed "Installed" and when clicking on the "Details" button it brought up the NTOP page and I was able to launch NTOP. Will check back with the broader engineering team to see if they have seen this.
We've seen something similar to this, but it would clear with a page reload. What you note does not appear to be the case. Can you send me an email with the particular customer you are talking about (copy of the URL from the browser when you are looking at the topology would be fine). My direct email is firstname.lastname@example.org.
Do you continue to see the problem? If so, I would be interested to take a look at the customer in question. Please PM me the customer name if you would like me to take a look.
Thanks for the replies, Marc, Robert, and Michael!
It looks like it was a simple network issue - they were setting up to film a TV show in our location, and seems like some network devices for the guests were moved into a different group, and apparently my system and a few others were dragged into that bunch.
Everything was cleared up late last night. Sorry about that
No problem, we are glad it is working now. We're interested to hear back on scenarios where you are using NTOP. It can help us learn how to potentially integrate it further with OnPlus. Let us know as you get more familiar with the functionality.
Well, I'm used to using ntop on a standalone system with a NIC configured in promiscuous mode... But I don't believe the one integrated into the OnPlus service works the same way, so I'm going to see what it can do, and will report back once I start monitoring some data.
Usually, we would use ntop to show business clients where/what kind of traffic they do have, or, at least, which users/computers are consuming the most bandwidth. And, in some cases, that would lead us to install some type of filtering appliance as they would discover that a lot of their traffic was not business related.
ntop is showing as "Installed". When I hit "Details" and "Launch ntop Portal", it starts trying to connect but ultimately fails. This has happened on both Firefox and IE. Is there any way to get to the ntop configuration via the OnPlus Agents local IP (i.e. port number x.x.x.x:3000, directory x.x.x.x/ntop, etc.)?
Could you please post a screen shot of what you see when it fails? Have you tried launching this from another client machine?
The site needs to be able to make an outbound connection to the portal via port 11400/TCP, please verify the port is open.
I've confirmed that TCP 11400 is open.
Can you also confirm that outbound connections to TCP port 11305 (and also TCP ports 11700-11800) are open from the network your web browser is on?
Connections to these ports on the portal need to be available in order to connect to cross-launch tunnels from the application (your web browser in the case of ntop).
Can you try doing a DNS resolve of the domain
Since I'm on Unix like environments, I use tools like nslookup and dig. I'm sure that no matter what tools you have, we'd expect that you gets something like:
bear:~ jamwyatt$ nslookup xlx-1-35150-2036-6400f120d732.1-dfw-xlx.cisco-onplus.com
xlx-1-35150-2036-6400f120d732.1-dfw-xlx.cisco-onplus.com canonical name = www.1-dfw.cisco-onplus.com.
The screen shots you posted suggest that there's a DNS resolution issue for the cross-launch services. I've verified that it works for me, but that doesn't help you. What is your DNS setup? Are you going through a local DNS caching server (i.e. Windows Server?).
Are you able to remotely connect to other devices at your site?
If you were to set you PC's DNS server to use '220.127.116.11' for DNS resolution, do things start working?
I've got the issue resolved. It looks like it might have been either a PBR issue at my border router regarding the necessary ports being opened or a simple reboot of the OnPlus agent. I made some changes internally to give the OnPlus agent more internet access. Tried again and it didn't work. I rebooted the OnPlus agent and then thought to try it from an outside system and it worked. It still doesn't work internally which causes me to draw the conclusion that it's my ACLs limiting outbound access from internal systems.
As a side note, it would have been nice to simply log into the agent locally using its local IP and, after enabling ntop, had another menu on the agent screen to take me to the ntop config rather than having to leverage the temporary tunnels built by the OnPlus portal to the OnPlus agent to access the ntop configuration. Just my opinion, but I'll need these other port issues resolved to leverage the temporary tunnels built by the OnPlus portal to remote client sites to remotely access their devices without requiring an on-demand VPN, so it really doesn't matter in the end. It's just unnecessary points of failure when you're local to the OnPlus agent. Again, just my opinion. Thank you for your assistance.
When NTOP is enabled, all of its content can be accessed via the local port 3000.
You can connect to it using http://
Using our tunneled solution isn't necessary to use NTOP's web GUI. In general, we've been under the impression that most management will be done remotely and that tunnels, of some sort, would always be necessary.
PERFECT!!! That was the answer I was looking for. I tried that locally and it worked perfect. Thank you very much for that.