1.0.1 snmp no longer works against inside interface of a remote pfsense box?
-
i have 2 pfsense boxes that form an IPsec vpn. at my remote site, pfsense is running 1.0.1. at my local site, its running 1.0-RC3. my cacti graphing has been at my remote site since for quite a while, but im in the process of migrating it to my local site. i currently have 2 mirrored cacti installs (one at each site) and this is the behavior im seeing:
the remote site can get interface statistics from the inside interface of the local pfsense (1.0-RC3).
the local site cannot get interface statistics from the inside interface of the remote pfsense (1.0.1).
last night was when i deployed what will be my new cacti install, and when i imported all my graphs and logs, everthing came up fine, except the remote 1.0.1 box. is this behavior intended?
thanks,
jonathan -
At the remote end check the following option at services>snmp:
Bind to LAN interface only
This option can be useful when trying to access the SNMP agent by the LAN interface's IP address through a VPN tunnel terminated on the WAN interface. -
well, ive not changed back to "up" yet, but snmp-get against it from this side appears to be working. i would assume in another 4 minutes, he should be "recovering".
thanks hoba :)