Cacti monitoring broke when I re-built my Untangle box

[boy412]

So I had an issue with my old Untangle VM and decided to start fresh with a new 64 bit VM running the latest release. Everything went swimmingly except for one issue...I can no longer monitor this VM with Cacti. Cacti just reports an SNMP error.

I've verified SNMP is running. If I run an snmpwalk inside Untangle, I get SNMP results back. If I run it from a box outside of the Untangle box it times out.

Code:

#snmpwalk -v1 -c d1g1tal 192.168.43.7

The IP address of the new VM is the same as the old one...and all the SNMP config files are identical to the old VM. I'm not sure what else to check. This is kind of a weird setup that I was not involved in setting up. There is a ZeroShell server upstream providing load balancing, and a Squid proxy also upstream...doing whatever it does. I'm stumped...and I really need to be able to monitor how this new VM is performing.

[mrunkel]

There is a packet filter rule concerning SNMP.

[sky-knight]

Check the packet filter, you may have to make a rule to allow access to the local SNMP service.

*Edit* See what happens when you get on the phone and don't hit refresh before you post! MRunkel beats me to it!

[boy412]

"Accept SNMP traffic from the Internal interface" is checked.

[dmorris]

"Accept SNMP traffic from the Internal interface" is checked.

But you said you were querying it from outside. ?

[boy412]

I was querying it from machines on the LAN, not from machines "outside".

I don't have a lot of experience on the networking side of things so I may be missing something conceptually here. Wouldn't "outside" mean a machine NOT on the LAN?

We have a duplicate setup at another site (older version of Untangle) and its reporting data to Cacti just fine. "Accept SNMP traffic from all interfaces" is not checked on that system.

[sky-knight]

Toss in a packet filter rule as follows:

Pass
Protocol: UDP
Destination: Local
Destination port: 161
source interface: internal

And see if you can query from the LAN. That accept all rule should be doing this already, but it can't hurt to double check.

[boy412]

That had no effect (I restarted snmp for good measure). Just for the sake of experimentation I enabled "Accept SNMP traffic from all interfaces". Lo and behold I can get results from an SNMP walk from another machine on the LAN...and Cacti seems to be happy now.

I'm happy this is working now but I'd love to know why this is so. Feels like a kludge and I don't like those. The external/WAN side of this box should have nothing to do with SNMP traffic to my machines on the LAN. Right?

[mrunkel]

are you in bridge mode? It sounds like your Internal/LAN is not what you think it is.

I'd go to config->networking and verify each interface by disconnecting them in turn and verifying that the lights go off on the UI.

[hlarsen]

i just opened a pretty much default install of v9.2 in a VM, turned on monitoring, booted up a host behind the VM and snmpwalked it without issue. i'd take a look at your vm networking.