DX Infrastructure Manager

Expand all | Collapse all

Nimsoft on a TMG

Jump to Best Answer
  • 1.  Nimsoft on a TMG

    Posted 05-20-2014 12:36 AM

    Hi,

     

    Has anyone configured nimsoft on a Threat Management Gateway server? I am really having hardtime to get it in nimsoft.

     

     

    Thanks,

    Ananda Guberan K



  • 2.  Re: Nimsoft on a TMG

    Posted 05-20-2014 07:38 AM

    Hi,

     

    Yes, if you mean allowing robot access to hub. It's not really any different from other common TMG rules. Just allow your port range to both directions from proper source / destination. TCP 48000-x

     

    -jon



  • 3.  Re: Nimsoft on a TMG

    Posted 05-20-2014 10:11 PM
    Hi Jon,

    We have been allowing the access on a range of ports from 48000-48025 bidirectionally. But on checking the network traffic, it was found that the TMG hosts receives the packets from the nimsoft server and fails to send back packets to nimsoft server inspite of the firewall rules being excluded. So is there any specific changes confined to TMG needs to be added?


    Thanks,
    Ananda


  • 4.  Re: Nimsoft on a TMG
    Best Answer

    Posted 05-21-2014 08:08 AM

    Generally speaking, no. I suggest you monitor the traffic in TMG's tools and check what's going on. It should be fairly straight forward.

     

    It's easy to do it wrong if you allow it to both directions in one rule. To troubleshoot, I suggest you try creating a separate rule for each direction.

     

    -jon



  • 5.  Re: Nimsoft on a TMG

    Posted 05-21-2014 04:56 PM

    Did you make sure to set the first probe port on the controller to 48004 or something like that? I think the range you opened looks good (we use the same), but that will only work with the first probe port set. Otherwise you get random port numbers.



  • 6.  Re: Nimsoft on a TMG

    Posted 05-21-2014 06:49 PM

    Hi Keithk,

     

    The first probe port is 48000 in this case. And also on the TMG host, an exception is set to the nimsoft server. And I guess we should have some better insight when we have the route table for this host. May be with that we can understand the communication factor.

     

     

    Thanks,

    Ananda Guberan K



  • 7.  Re: Nimsoft on a TMG

    Posted 05-21-2014 06:40 PM

    Hi Jon,

     

    Creating a seperate rule here makes sense. Let me investigate on this.

     

     

    Thanks,

    Ananda Guberan K



  • 8.  Re: Nimsoft on a TMG

    Posted 05-23-2014 12:31 AM

    Hi Jon,

     

    I was able to identify that the packets were rejected by the TMG which we found out by monitoring the traffic in TMG. So upon adding a rule (inbound and outbound) we were able to set up monitoring. But we had distsrv on another hub so we need to add another rule atleast till we have the probes installed and have them disabled post probe deployment. But if the server and distsrv are on the same hub then one single rule should be good enough.

     

     

    Thanks,

    Ananda Guberan K