Can the MID server access CIs on different network segments?

Makoto Uchiyam1
Tera Contributor

Hi.

Please tell me if it is possible that the MID server access CIs on different network segments.

When we set the IP range, we set a private IP address, but we thought that if that were the case, we could only detect CIs that existed in the same network.

Regards,

【Additional Information】

Sorry for my poor explanation.

I have no idea about the networking requirements of the MID server and the target server.

My questions are following four points.

1. Is it possible to access a server on a network beyond the router by specifying a private IP address?

2. If possible, is that predicated on having router credentials?

3. What happens if some devices have duplicate private IP addresses?

4. Is it possible to do Discovery from a MID server in the public Cloud to our own data center?

find_real_file.png

1 ACCEPTED SOLUTION

Hi Makoto,

 

1. Is it possible to access a server on a network beyond the router by specifying a private IP address?   Yes, if required firewall rules are granted, you can do discovery with network subnet like 10.x.x.x/22 with private IP

2. If possible, is that predicated on having router credentials?  Yes, router has to be discovered as well so credentials will be required

3. What happens if some devices have duplicate private IP addresses? Discovery mostly identifies using serial numbers (hardware related CIs), Installation paths (for  software related CIs). So it will discover all and identify them uniquely. Having similar IP will not be a problem

4. Is it possible to do Discovery from a MID server in the public Cloud to our own data center? That will require a whole lot of permissions and it is not advisable. It is much easier and better in terms of performace to have a MID Server in your own datacenter as well

View solution in original post

9 REPLIES 9

Yes Public IPs of the devices would be required for the MID Server to discover. The data has to go through a lot of traffice. Hence it is suggested to have a MID Server in the data center and one in Cloud. It is best in terms of performance and complexity

Rahul Priyadars
Giga Sage
Giga Sage
Different nw segments......are you referring to different VLANS? Technically mid server can start communication if port and traffic is allowed , but security team or nw architect may not allow this . Regards RP

Hi Rahul,

Thanks for your reply and sorry for my poor explanation.

Please refer my additional information on this topic.

Regards,

Richard Hine
Tera Guru
Tera Guru

Makoto,

We have previously set a MID server on the trunk port of a switch hosting multiple VLANs and it was able to access them just fine.

You can have a single MID server for a whole enterprise, however the configuration of many many firewalls becomes your issue. I would always prefer to place a MID closest to the devices they are discovering or interacting with, but where this is not possible I always try to place the MID inside any internal firewalls that might block communication.

Hope this helps,

Richard

Hi Richard,

Thanks for your reply and sorry for my poor explanation.

Please refer my additional information on this topic.

Regards,