Welcome to Pandora FMS Community!

Find answers, ask questions, and connect with our community around the world.

Bienvenido a la comunidad de Pandora FMS Forums Community support Monitoring firewall Internet Connectivity

  • Community support

    Monitoring firewall Internet Connectivity

    Posted by Pamod on enero 8, 2024 at 02:27

    I have set up firewalls in the Pandora FMS. I need to monitor the internet connectivity status of these firewalls. I am thinking something like, whether I can create ping checks to an external server such as 8.8.8.8 withing these agents’ wan links. Is this possible or are there any other ways to do this?

    Fran replied 7 months, 2 weeks ago 2 Members · 3 Replies
  • 3 Replies

  • Fran

    Administrator
    enero 8, 2024 at 11:48
    226 Karma points
    Community rank: tentacle-noob-1 Tentacle noob
    Like it
    Up
    0
    Down
    Drop it
    ::

    Good morning,

    For the monitoring of such firewalls, you can configure and use remote monitoring and use snmp queries to monitor both the interfaces and the consumption of the same, availability, status, etc.. I provide access to the documentation:

    pandorafms.com/manual/!current/en/documentation/03_monitoring/03_remote_monitoring

    Best regards

  • Pamod

    Member
    enero 8, 2024 at 16:01
    76 Karma points
    Community rank: tentacle-noob-1 Tentacle noob
    Like it
    Up
    0
    Down
    Drop it
    ::

    I have already setup both remote network monitoring using ICMP and SNMP. I already have the consumptions of each interface. What I need is to create an timely ping check to an external server such as 8.8.8.8 from the firewall’s network, so that I can monitor the internet connectivity status of these firewalls. Because sometimes the WAN interface might be in the Operating status (ifOperStatus) but you unable to access the internet.

    • Fran

      Administrator
      enero 10, 2024 at 15:58
      226 Karma points
      Community rank: tentacle-noob-1 Tentacle noob
      Like it
      Up
      0
      Down
      Drop it
      ::

      I understand the reported behavior when verifying the information provided by the SNMP monitoring against the firewall/router. Usually, if you want to verify this connectivity in case of a possible suspicion of the reported situation, the usual way is to connect to the router and do it directly from the router, since you cannot make the tool interact directly with it, as if it were a user. There are other possibilities that I will explain, as well as some clarification.

      There is the possibility to perform Host Alive checks from a module in a Console Agent, but if you set a host alive module in the console agent corresponding to the router monitoring. This will perform the check directly against the external server but from the PandoraFMS server itself, if the server is not inside the router/firewall network, the test will not be effective.

      The easiest way is to establish a software agent in a device that supports it (Rasberry, computer…) that is inside the corresponding network and create a module that performs this check at system level. This can be done by means of a module that executes a script.

Start of Discussion
0 of 0 replies June 2018
Now

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .