I use (and love!) HostMonitor to monitor many servers, both local and remote. All of the remote servers are VPN'd to us, so monitoring them is no problem.
However, a few of the servers I need to monitor are not VPN'd to us. What's the best way to monitor them? I've tried setting up the Remote Monitoring Agent, but haven't gotten that to work. I'm guessing that's in part because I need to open something up on both firewalls (local and remote), but I don't really know what.
I've also tried to just monitor directly (without the RMA), again with no luck. I assume for the same reasons as above.
Can you help me get this working? I haven't found what I need in the manual.
Thanks,
Rob
Monitoring servers at a remote site
You need to open single port on remote firewall (firewall that protects network where RMA is installed). By default RMA uses port 1055, however you may change it to any other (unused) portI'm guessing that's in part because I need to open something up on both firewalls (local and remote), but I don't really know what.
Regards
Alex
OK, I've done some more testing. I set up the RMA to run internally, between the monitoring station and a local workstation and got that to work. Now I at least understand how to use the RMA.
However, when I try to run it between the local monitoring station and the remote server, I get the error "Cannot read data".
I've allowed traffic in and out on my local firewall, from/to the monitoring station, over port 1055.
I've also allowed traffic on port 1055 on the remote firewall, and forward it for a particular public IP address to the internal IP address of the server.
I can see on the logs on my internal firewall that the traffic on port 1055 goes out. There's no evidence, though, that it ever even reaches the remote firewall--the logs on the remote firewall don't show anything arriving on port 1055 destined for that particular IP address.
Any idea what might be going on?
Rob
However, when I try to run it between the local monitoring station and the remote server, I get the error "Cannot read data".
I've allowed traffic in and out on my local firewall, from/to the monitoring station, over port 1055.
I've also allowed traffic on port 1055 on the remote firewall, and forward it for a particular public IP address to the internal IP address of the server.
I can see on the logs on my internal firewall that the traffic on port 1055 goes out. There's no evidence, though, that it ever even reaches the remote firewall--the logs on the remote firewall don't show anything arriving on port 1055 destined for that particular IP address.
Any idea what might be going on?
Rob
It sounds like there are no connection between networks.I can see on the logs on my internal firewall that the traffic on port 1055 goes out. There's no evidence, though, that it ever even reaches the remote firewall--the logs on the remote firewall don't show anything arriving on port 1055 destined for that particular IP address.
On the other hand "Cannot read data" error means:
- HostMonitor established TCP connection with remote software (RMA?)
- HostMonitor sent data
- HostMonitor does not receive answer within specified timeout
I think your remote firewall received TCP connection from HostMonitor. Then.. I don't know what happened then. May be firewall sends packet to some other server, not to the agent. May be it sends packet to the agent and "cannot read data" error appears because timeout specified for the agent is too short.
Why your firewall does not show connection in the log? I don't know. TCP connection was established, otherwise HostMonitor would show "Connection error"
Could you enable RMA logging (using rma_cfg.exe utility) and check log1.txt, log2.txt files in RMA's directory?
Regards
Alex
Thanks for your reply.
Failure logging is already enabled. I simply never looked at it--not only is the firewall not indicating any traffic, but the RMA connection stat isn't indicating any rejections. However, looking at log2.txt I see that my connection attempts actually are getting through. Each connection attempt, though, is labeled "connection rejected". The connection is being rejected even though the IP address the connection attempt is coming from is allowed. I've also tried allowing connection attempts from any IP address and that didn't help.
Thanks,
Rob
Failure logging is already enabled. I simply never looked at it--not only is the firewall not indicating any traffic, but the RMA connection stat isn't indicating any rejections. However, looking at log2.txt I see that my connection attempts actually are getting through. Each connection attempt, though, is labeled "connection rejected". The connection is being rejected even though the IP address the connection attempt is coming from is allowed. I've also tried allowing connection attempts from any IP address and that didn't help.
Thanks,
Rob
RMA cannot say "Connection rejected" when filter is disabled. May be you have started several instances of the agent, then you have changed settings for one agent while another (started from different directory) still using old settings? Several customers does such trick before...
BTW: What version of the agent do you use? Could you restart agent?
Regards
Alex