Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
Solved
Go to Solution
Link copied. Please paste this link to share this article on your social media post.
Accepted Solutions
Link copied. Please paste this link to share this article on your social media post.
Hello @CSelf,
I always recommend by starting with the NMC Event log to see if there are unauthorized attempts from your computers (gateway's) IP address. The event log can be accessed from the NMC interface by going to: Logs > Events > Log.
Since these devices were already configured and communicating to DCE, most of the SNMP settings on the device should be correct. In most APC SNMP interfaces this should be under: Configuration > Network > SNMPv1 > Access Control
If there is an NMS IP/Hostname you will need to update that value to be the Gateway IP Address (communication will be lost to DCE) or update it to be a more broad entry such as 0.0.0.0 or 10.10.10.0 depending on what DCE's IP address is and the Gateway's IP Address is.
If SNMPv3 is being used the menu option would be under: Configuration > Network > SNMPv3 > Access Control
As long as the same protocol is being used to Discover in the gateway that was configured to be used in DCE, the devices should discover.
The usual other culprit would be network. You can attempt to do an SNMPwalk from your computer (where the gateway is installed) using the following utility: https://community.se.com/t5/Troubleshooting/How-to-create-a-device-walk-file-for-EcoStruxure-IT-Gate...
If the walk is successful then the communication channel is open and the discovery issue would fall to a configuration within ITE for the discovery. Double-check your discovery settings or run another discovery using the same settings you used within the utility.
Kind Regards,
Cory
Link copied. Please paste this link to share this article on your social media post.
Hi Cory,
Thanks for your response.
There are a few "Detected an unauthorized user attempting to access the SNMP interface from.." with the IP of my endpoint, not the server running the discovery, is this normal? Occasionally when I tweak the SNMP settings on one of the devices I'm testing with I'll see the same SNMP error in the logs with the IP of the DCE, it resolves itself when I revert the changes, the error with my endpoint IP is consistent. I've verified all of the SNMP settings are the same on the devices as well as the gateway.
I downloaded and ran the device walker utility on the server, each device IP times out, I've tried multiple command variations including adding the read and write strings and specifying the port.
I've also checked our Palo firewall logs, traffic is getting out to the APC device but no packets are being sent back. Other APC traffic (SMTP, SSL) passes through the FW with no issues.
Thanks again for the great response.
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.