[mrtg] Re: UDP Ports

Alex van den Bogaerdt alex at slot.hollandcasino.nl
Wed May 23 23:52:41 MEST 2001 

TekDaag wrote:
> 
> Hi, I am trying to filter UDP ports on a Windows 2000 server and every time
> I apply the filtering it seems to kill MRTG, specifically I think it is
> stopping SNMP from working. I am allowing ports 161 and 162, but still not
> getting the charts to update. The scheduler is running, I can run the batch
> files manually and the MRTG graphs update for the local machine but not for
> any other machines, routers or switches.
> 
> Am I missing another port? Don't all the devices use SNMP on the same ports?

There are two ports involved here.  One port is on the destination
device (the one you're trying to query) and one is on your local
computer.

You have to make sure you can send packets to remote:161 (which you
probably have done correctly) however you also need to allow the replies
back in.  These replies will have source port 161.

So:
for each remote device you want to manage
    allow  udp local:any -> remote:161
    allow  udp remote:161 -> local:any

Port 162 is for snmp-traps.  This isn't used by MRTG.  They are generated
by the device, they are not replies for MRTG.  This doesn't mean you can
block them, perhaps you have other software running (HP openview ?) that
needs those traps.

> I would appreciate any help anyone could give - I am knowledgeable enough to
> install and configure basic MRTG configurations, we have been using it for
> over a year, but this one has me stumped

Since you're basically building a firewall here, I urge you to direct
further questions to a firewall related group.

cheers,
-- 
   __________________________________________________________________
 / alex at slot.hollandcasino.nl                  alex at ergens.op.het.net \
| work                                                         private |
| My employer is capable of speaking therefore I speak only for myself |
+----------------------------------------------------------------------+
| Technical questions sent directly to me will be nuked. Use the list. | 
+----------------------------------------------------------------------+
| http://faq.mrtg.org/                                                 |
| http://rrdtool.eu.org  --> tutorial                                  |
+----------------------------------------------------------------------+

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

More information about the mrtg mailing list