Can the MID server access CIs on different network segments?

Go to solution
Makoto Uchiyam1
Tera Contributor

‎07-15-2022 04:11 AM

Hi.

Please tell me if it is possible that the MID server access CIs on different network segments.

When we set the IP range, we set a private IP address, but we thought that if that were the case, we could only detect CIs that existed in the same network.

Regards,

【Additional Information】

Sorry for my poor explanation.

I have no idea about the networking requirements of the MID server and the target server.

My questions are following four points.

1. Is it possible to access a server on a network beyond the router by specifying a private IP address?

2. If possible, is that predicated on having router credentials?

3. What happens if some devices have duplicate private IP addresses?

4. Is it possible to do Discovery from a MID server in the public Cloud to our own data center?

find_real_file.png

Labels:
Preview file
23 KB
0 Helpfuls
  • 1,003 Views
1 ACCEPTED SOLUTION

Go to solution
suvro
Mega Sage
Mega Sage
In response to Makoto Uchiyam1

‎07-18-2022 10:03 PM

Hi Makoto,

 

1. Is it possible to access a server on a network beyond the router by specifying a private IP address?   Yes, if required firewall rules are granted, you can do discovery with network subnet like 10.x.x.x/22 with private IP

2. If possible, is that predicated on having router credentials?  Yes, router has to be discovered as well so credentials will be required

3. What happens if some devices have duplicate private IP addresses? Discovery mostly identifies using serial numbers (hardware related CIs), Installation paths (for  software related CIs). So it will discover all and identify them uniquely. Having similar IP will not be a problem

4. Is it possible to do Discovery from a MID server in the public Cloud to our own data center? That will require a whole lot of permissions and it is not advisable. It is much easier and better in terms of performace to have a MID Server in your own datacenter as well

View solution in original post

9 REPLIES 9

Go to solution
suvro
Mega Sage
Mega Sage
In response to Makoto Uchiyam1

‎07-20-2022 05:15 AM

Yes Public IPs of the devices would be required for the MID Server to discover. The data has to go through a lot of traffice. Hence it is suggested to have a MID Server in the data center and one in Cloud. It is best in terms of performance and complexity

Go to solution
Rahul Priyadars
Tera Sage
Tera Sage

‎07-16-2022 12:43 AM

Different nw segments......are you referring to different VLANS? Technically mid server can start communication if port and traffic is allowed , but security team or nw architect may not allow this . Regards RP

Go to solution
Makoto Uchiyam1
Tera Contributor
In response to Rahul Priyadars

‎07-18-2022 06:43 PM

Hi Rahul,

Thanks for your reply and sorry for my poor explanation.

Please refer my additional information on this topic.

Regards,

0 Helpfuls

Go to solution
Richard Hine
Tera Guru
Tera Guru

‎07-17-2022 12:09 PM

Makoto,

We have previously set a MID server on the trunk port of a switch hosting multiple VLANs and it was able to access them just fine.

You can have a single MID server for a whole enterprise, however the configuration of many many firewalls becomes your issue. I would always prefer to place a MID closest to the devices they are discovering or interacting with, but where this is not possible I always try to place the MID inside any internal firewalls that might block communication.

Hope this helps,

Richard

Go to solution
Makoto Uchiyam1
Tera Contributor
In response to Richard Hine

‎07-18-2022 06:43 PM

Hi Richard,

Thanks for your reply and sorry for my poor explanation.

Please refer my additional information on this topic.

Regards,

0 Helpfuls