Controllerless Networks

Reply
Regular Contributor I

Re: How to snmp poll a IAP VC address

No-one is talking about translating the IP address WITHIN SNMP messages. Read again that quote you pasted in with no source. WITHIN the SNMP message. Not applicable. In fact way off the mark.

 

Please take some time to fully understand the problem if you're planning on commenting further, or ask for some clarification. 

 


--
ACMA ACMP
Guru Elite

Re: How to snmp poll a IAP VC address

BGC IT,

 

This is exactly why you are having the problem you are having.  If you poll a VC over NAT on SNMP, the VC will return private addresses for the other access points to your NMS.  If your NMS even knows how to handle the reurned addresses, it will blindly poll for the private addresses returned and fail.   For other protocols that pass a firewall boundary, the firewall will fix this up and pass a translated address.  SNMP is not one of those protocols, because it is not easy to implement over NAT for multiple devices, much less be "fixed up" by a firewall.

 

Later when your NMS references those private addresses, they are not translated or "fixed up" by the firewall, so that the NMS ends up attempting to poll private addresses.  The quote that I reference was from a Cisco Press book here:  http://www.ciscopress.com/articles/article.asp?p=25273&seqNum=3 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Regular Contributor I

Re: How to snmp poll a IAP VC address

Nope, this is not the problem I am having.

 

I don't want to poll all IAPs based on information returned from the VC. I want to poll the VC itself. I can very easily poll the IAP address of the VC (or any other IAP if I wanted to). But these IPs changes from time to time. I cannot poll the virtual address itself. 

 

NAT is really irrelevant to this problem. I only mentioned it as an illustration of one reason why it is difficult to deal with dynamic IP addressing on IAPs if there was no consistent IP to the poll the VC on - because of the problem of maintaining static port forwarding for a changing IP.

 

The latest software appears to have a 'preferred master' option to increase your chances of finding the current VC however this is not really a solution. An ideal solution would be for the VC to listen to snmp on it's virtual address.

 

 

 

 


--
ACMA ACMP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: