New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


SNMP and NAT/PAT

Votes:

0

Your Vote:

Up

Down

I have a number of devices that are all using private IP addresses. I access them via port forwarding through a Cisco 881 router and everything works fine. I put forwards in for port 161 however I am getting an socket error #11044. Tested with the SNMP test tool and if I point the tool to port 6102 (translated port) I get the socket error. If I use X.X.X.X:6102 it reports nothing found.

Is it even possible to monittor private IP devices with PRTG?

Tom Goldsberry

nat pat snmp

Created on Jul 8, 2013 6:03:50 PM by  Andrew Marshall (0) 1



5 Replies

Votes:

0

Your Vote:

Up

Down

So on the Cisco device you are forwarding port 6102 on the public IP address to port 161 on the internal IP address of the device? What kind of device are you trying to monitor behind the firewall?

Are you able to read any SNMP values on the device from a computer behind that firewall to make sure SNMP is working correctly?

Created on Jul 9, 2013 9:54:17 AM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Sorry for the delay. Yes that is correct, 70.102.X.X:6102 port forwards to 10.0.X.X port 161 udp. If I set the sensor up with an ip address of 70.102.X.X:6102 I get the socket error. The devices I am trying to monitor are cisco switches (3548's mostly), SMC switches, motorola access points and Powerdsine POE switches.

Originally had a vpn tunnel set-up and was monitoring through the tunnel but there were problems with that (not prtg related) that necessitated replacing it with the Cisco 881. Getting intop the devices via http, https, and telnet are no problem at all.

Yes, SNMP is working correctly internally

Created on Jul 15, 2013 9:38:59 PM by  Andrew Marshall (0) 1



Votes:

0

Your Vote:

Up

Down

If SNMP is working internally but not externally, could it be possible that you would need to enable SNMP for the ports that are connected to your external connection on the devices that you are trying to monitor?

And just to double check, you set the port 6102 in the credentials for the devices so that PRTG knows the correct port to send the request to on the 881 right? Are all of these devices then on different public IPs that all have NAT rules to translate 6102 to 161 on their respective devices?

Created on Jul 16, 2013 9:16:18 AM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

I only have a couple of public IP's for the site so almost everything is using private IP's and anything that needs it is nat'd out to the internet via gateway devices that we use for all our sites. Everything with public IP's I am able to monitor fine. Anything with a private I am able to monitor through a VPN tunnel or directly from those internal subnets. I can't use the VPN tunnel solution any longer which is why I am doing the Nat/Pat. The 881 router is setup with a Public IP on the Wan. The LAN interface is setup as a trunk with multiple vlans each of which is a private IP subnet. To manage the devices I have Nat/Pat setup.

Example: Router Wan IP: 1.1.1.1, internal switch IP 10.10.10.10 that needed to be accessed via telnet, https and snmp would have three rules set up:

1) tcp 10.10.10.10 23 1.1.1.1 2301
2) udp 10.10.10.10 161 1.1.1.1 6161
3) tcp 10.10.10.10 443 1.1.1.1 6443

and I could telnet to the device with 1.1.1.1:2301 or secure browser using 1.1.1.1:6443 etc. I have not been able to get the prtg monitoring working though. I have setup the sensors with an IP address of 1.1.1.1:6161 (that produces the 11044 socket error), nor by setting the IP to 1.1.1.1 and setting the port in the credentials to 6161. If this is something that prtg is normally able to do (multiple sensors with the same IP and different ports set in the credentials) then the problem most likely is something I'm doing. The point of this all is really to confirm that prtg is able to monitor a device via this type of setup.

Created on Jul 17, 2013 5:21:31 PM by  Andrew Marshall (0) 1

Last change on Aug 4, 2015 6:51:29 AM by  Luciano Lingnau [Paessler Support]



Votes:

0

Your Vote:

Up

Down

In the device settings for these are you using the IP or the DNS name? That socket error seems to be related to a DNS search issue.

From looking at the information you posted, the NAT'ing seems fine, it's similar to a test setup that I am using here where I am forwarding ports 6102,6103 to internal device's ports 161 and PRTG picking up the data via SNMP no problem after I enabled SNMP for my external IP and setup SNMP for the ports that are connected to the WAN connection.

Created on Jul 18, 2013 12:56:05 PM by  Greg Campion [Paessler Support]

Last change on Jul 18, 2013 12:57:51 PM by  Greg Campion [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.