I have to put the PRTG monitor server behind a firewall. Now I can only monitor ICMP/PING. Which ports should be allowed in the Firewall to be able to scan Hyper-V and VMware VMs behind the firewall? I would like to read WMI counters, SNMP traffic, SQL2005 processes and running processes in the VMs. But also I need to be able to authenticate at Windows OS level and SQL level within the VM in order to read all system counters.
Article Comments
The servers are in a DMZ and Security Policy prevent us from putting a probe in the DMZ.
Apr, 2012 - Permalink
So which ports should be opened to read: - WMI system counters - SQL Server 2005 and 2008 system counters - Running processes in the Windows 2003 + Windows 2008 servers - standard Windows System Cuunters (CPU, Memory, Disk I/Os) - Network traffic in Windows Systems
Thanks.
Apr, 2012 - Permalink
Hi,
the sensors you mention are all covered with WMI, so all you should need is RPC port (TCP 135). Please refer also to the MS Knowledgebase for further details as there alos might be involved High Ports.
Best regards
Apr, 2012 - Permalink
Hi,
please see the list of ports discussed in this article. In general it is hard to say which ports have to be allowed in a firewall as this is strongly depends on the monitored services. In your case you might consider using a remote probe as this would only require one port to opened.
Best regards
Apr, 2012 - Permalink