New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


Which interface to monitor

Votes:

0

Your Vote:

Up

Down

Which Interface use to monitor the device is the best? Internal to External port?

interface prtg-network-monitor snmp

Created on Apr 22, 2019 2:29:47 AM by  derdekeasim (0) 1



5 Replies

Votes:

0

Your Vote:

Up

Down

Derdekeasim,

It's best to monitor the device on the interface that lies in the same subnet as your PRTG probe.

If this isn't possible, then you want to monitor the interface with the shortest path back to your PRTG probe.

Benjamin Day
Paessler Support

Created on Apr 22, 2019 9:02:16 AM by  Benjamin Day [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hi Benjamin, my thought is whether to monitor on WAN or LAN port for FW as I have seen probe is down that monitor internal IP on other location via IPSec tunnel but not on the probe on VPN tunnel, so not sure is my setup is good or not.

Created on Apr 23, 2019 12:19:28 PM by  derdekeasim (0) 1



Votes:

0

Your Vote:

Up

Down

Derdekeasim,

In this case, I would do all my primary monitoring through the LAN interface as opening the outside interface to SNMP isn't the best practice. Then I would Ping something through the VPN on the other probe as a means of letting me know my VPN is up and connected.

What do you think about this?

Benjamin Day
Paessler Support

Created on Apr 24, 2019 6:19:08 AM by  Benjamin Day [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hi Benjamin, my current setup is what you say, just that the ping to the internal LAN via IPSec is down but the alert for the IPSec VPN is not showing. Correct me if I am wrong, if the ping to the internal LAN via IPSec is down meaning the IPSec tunnel to the Internal LAN is down, am I correct?

Created on Apr 26, 2019 7:36:57 AM by  derdekeasim (0) 1



Votes:

0

Your Vote:

Up

Down

Derdekeasim

How are you pinging the Internal LAN via IPSec? That shouldn't be allowed as you are coming from high security to a lower security zone. Unless you have a policy allowing this, it should be blocked.

Benjamin Day
Paessler Support

Created on Apr 26, 2019 7:46:20 AM by  Benjamin Day [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.