SNMP and NAT/PAT

So on the Cisco device you are forwarding port 6102 on the public IP address to port 161 on the internal IP address of the device? What kind of device are you trying to monitor behind the firewall?

Are you able to read any SNMP values on the device from a computer behind that firewall to make sure SNMP is working correctly?

Sorry for the delay. Yes that is correct, 70.102.X.X:6102 port forwards to 10.0.X.X port 161 udp. If I set the sensor up with an ip address of 70.102.X.X:6102 I get the socket error. The devices I am trying to monitor are cisco switches (3548's mostly), SMC switches, motorola access points and Powerdsine POE switches.

Originally had a vpn tunnel set-up and was monitoring through the tunnel but there were problems with that (not prtg related) that necessitated replacing it with the Cisco 881. Getting intop the devices via http, https, and telnet are no problem at all.

Yes, SNMP is working correctly internally

If SNMP is working internally but not externally, could it be possible that you would need to enable SNMP for the ports that are connected to your external connection on the devices that you are trying to monitor?

And just to double check, you set the port 6102 in the credentials for the devices so that PRTG knows the correct port to send the request to on the 881 right? Are all of these devices then on different public IPs that all have NAT rules to translate 6102 to 161 on their respective devices?

I only have a couple of public IP's for the site so almost everything is using private IP's and anything that needs it is nat'd out to the internet via gateway devices that we use for all our sites. Everything with public IP's I am able to monitor fine. Anything with a private I am able to monitor through a VPN tunnel or directly from those internal subnets. I can't use the VPN tunnel solution any longer which is why I am doing the Nat/Pat. The 881 router is setup with a Public IP on the Wan. The LAN interface is setup as a trunk with multiple vlans each of which is a private IP subnet. To manage the devices I have Nat/Pat setup.

Example: Router Wan IP: 1.1.1.1, internal switch IP 10.10.10.10 that needed to be accessed via telnet, https and snmp would have three rules set up:

1) tcp 10.10.10.10 23 1.1.1.1 2301
2) udp 10.10.10.10 161 1.1.1.1 6161
3) tcp 10.10.10.10 443 1.1.1.1 6443

and I could telnet to the device with 1.1.1.1:2301 or secure browser using 1.1.1.1:6443 etc. I have not been able to get the prtg monitoring working though. I have setup the sensors with an IP address of 1.1.1.1:6161 (that produces the 11044 socket error), nor by setting the IP to 1.1.1.1 and setting the port in the credentials to 6161. If this is something that prtg is normally able to do (multiple sensors with the same IP and different ports set in the credentials) then the problem most likely is something I'm doing. The point of this all is really to confirm that prtg is able to monitor a device via this type of setup.

In the device settings for these are you using the IP or the DNS name? That socket error seems to be related to a DNS search issue.

From looking at the information you posted, the NAT'ing seems fine, it's similar to a test setup that I am using here where I am forwarding ports 6102,6103 to internal device's ports 161 and PRTG picking up the data via SNMP no problem after I enabled SNMP for my external IP and setup SNMP for the ports that are connected to the WAN connection.