cjet
2012-09-12 06:56:29 UTC
cjet [http://community.zenoss.org/people/cjet] created the discussion
"Re: Zenoss ping issue."
To view the discussion, visit: http://community.zenoss.org/message/68531#68531
--------------------------------------------------------------
Hi,
I seem to have this problem with Zenoss Core 4.2. I have several small sites with Checkpoint UTM-1 Edge boxes, which are dropping the ICMP packets down with statement "Payload Null", even though I am monitoring through trusted VPN connection which is bypassing the normal firewall rules.
I am kind of stuck with this problem, and I can not find a way to correct it.
Is there a way to change Zenping ICMP Payload lenght somewhere? Any help would be preciated.
With Zenoss 3.2.1 everything worked like charm, but with new version.......................
inspection specifically drop the ICMP echo request packets sent by
zenping because they don't contain the same kind of payloads seen in
ordinary ICMP echo requests sent by the ping command line utilities in
common operating systems.
The best thing to do if you think Zenoss is incorrectly marking
devices as ping down when you know that they are not would be to
capture the packets with tcpdump or wire shark or whatever sniffer
you're accustomed to using. Typically you will see that Zenoss sends
the ICMP echo request, but never gets the ICMP echo reply. Normally
this is due to a firewall trying to be too smart.
_______________________________________________
zenoss-users mailing list
http://lists.zenoss.org/mailman/listinfo/zenoss-users http://lists.zenoss.org/mailman/listinfo/zenoss-users
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/68531#68531]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]
"Re: Zenoss ping issue."
To view the discussion, visit: http://community.zenoss.org/message/68531#68531
--------------------------------------------------------------
Hi,
I seem to have this problem with Zenoss Core 4.2. I have several small sites with Checkpoint UTM-1 Edge boxes, which are dropping the ICMP packets down with statement "Payload Null", even though I am monitoring through trusted VPN connection which is bypassing the normal firewall rules.
I am kind of stuck with this problem, and I can not find a way to correct it.
Is there a way to change Zenping ICMP Payload lenght somewhere? Any help would be preciated.
With Zenoss 3.2.1 everything worked like charm, but with new version.......................
I see a lot of events/alerts about 'ip bla-bla-bla down'.
I know that these devices are UP and i can ping them via zencommand
'Command: ping -c2 {device/manageIp}'. I've tried to restart
zenping daemon but it does not help.
What can be the cause of the problem?
I've seen occurrences where firewalls that are capable of deep packetI know that these devices are UP and i can ping them via zencommand
'Command: ping -c2 {device/manageIp}'. I've tried to restart
zenping daemon but it does not help.
What can be the cause of the problem?
inspection specifically drop the ICMP echo request packets sent by
zenping because they don't contain the same kind of payloads seen in
ordinary ICMP echo requests sent by the ping command line utilities in
common operating systems.
The best thing to do if you think Zenoss is incorrectly marking
devices as ping down when you know that they are not would be to
capture the packets with tcpdump or wire shark or whatever sniffer
you're accustomed to using. Typically you will see that Zenoss sends
the ICMP echo request, but never gets the ICMP echo reply. Normally
this is due to a firewall trying to be too smart.
_______________________________________________
zenoss-users mailing list
http://lists.zenoss.org/mailman/listinfo/zenoss-users http://lists.zenoss.org/mailman/listinfo/zenoss-users
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/68531#68531]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]