Saturday, February 6, 2010

Pinging the Unpingable

Despite it’s name, the TADDM PingSensor does not run the same ICMP ping that the command line utility ping does. What the PingSensor does is open a TCP socket on specific ports.
The list of ports used is in the Installation Guide:Planning Worksheet:

Port Target
CiscoWorks 1741
DNS 53
LDAP 389
SSH 22
WBEM 5988
WMI 135

Other ports used are 23 and 161.

This means that if a firewall is blocking these ports, then TADDM will not see any device there, even if another port, such as 80, is open. In that case, you’ll see an error message in the PingSensor log:

2010-02-06 14:13:11,875 DiscoverManager [DiscoverWorker-14] PingSensor-64.12.100.5 INFO session.Ping - Ping failed for IP address 64.12.100.5 on all ports [22, 23, 135, 161]

In this case, you’ll either need to <gasp> open the firewall between TADDM and that server or add another port to the list TADDM scans by adding a property to collation.properties.

From the sensor settings section of the Administration Guide: com.collation.pingagent.ports=xx,yy, ...

By default, this property is used by the PingSensor sensor. It is not defined in the collation.properties file and has to be manually defined if needed.
Valid values are non-negative, numerical.
To override the default set of ports that the Ping sensor attempts to use, add this property to the collation.properties file and specify the port numbers as a comma-separated list. The default set of ports the Ping sensor attempts to use are port 22 and then port 135, if it cannot first make a connection to port 22.
For example, to add the SNMP port 161 to the existing ports that the Ping sensor attempts to connect to, you would add 161 to the end of the list of default ports: com.collation.pingagent.ports=22,135,161.
If you only wanted the Ping sensor to use port 161, set it to the following: com.collation.pingagent.ports=161.


Posted by Robert at 11:11 AM 0 comments
Labels: , ,
Subscribe to: Posts (Atom)